GET payannualset.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
302 Found 10 kB URL
payannualset.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Requested by https://payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5605996
Size 10 kB (10032 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU; naEJurpQDJvyFqt9Jp1gsLSgME0=LwzgqdY6wFFHjwBlNyVbmCZBrVw; QHHRtAKdal_uTN551W7tRMnRliU=1753219583; 9QXP_D-Yfj34P9KkjmAxeU8RFTo=1753305983; cvUDUKRfuL3KTAMoUzQFT2twWcQ=xt7E7QG4V83SmiDcV314g80XciY; RRczXWMCWpYgMDM7M9iHemAesSw=UBaxlkhfQRW1JE15Rmfjz_WpG0c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Tue, 22 Jul 2025 21:26:28 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wjED54DGAQT%2Fhz%2Ffr2QjqLQK%2FEcPCcuLzoOrsX8%2FwudOxW8Ru%2B4QHWgmlef9qG2Suv3BBV9u7BnaQksK846Nko5zyfo8qtBdzfWzdWOpTncCYkKm5dS9e3sYiiMfib2aXpfA"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8359bcf47b68/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
cf-ray: 9636043c4dba7127-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5271&min_rtt=647&rtt_var=5827&sent=68&recv=87&lost=0&retrans=0&sent_bytes=9880&recv_bytes=7016&delivery_rate=424217&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20068&unsent_bytes=0&cid=4d01c0bf4f378e8a&ts=1013&inflight_dur=54&x=40"
GET payannualset.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/8359bcf47b68/main.js?
200 OK 10 kB URL
payannualset.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/8359bcf47b68/main.js?
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Requested by https://payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
Resource Info
File type JavaScript source, ASCII text, with very long lines (10032), with no line terminators
First Seen 2025-07-22
Last Seen 2025-07-22
Times Seen 1
Size 10 kB (10032 bytes)
MD5 ae167001eb3de193d555952953365f36
SHA1 c65d19c8f5840a91cc637bdc30d1abedfc4ab69e
SHA256 9575c0cc500f38a1c681ab01efc5876471a229367749eef19c8f182929250c89
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/8359bcf47b68/main.js? HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU; naEJurpQDJvyFqt9Jp1gsLSgME0=LwzgqdY6wFFHjwBlNyVbmCZBrVw; QHHRtAKdal_uTN551W7tRMnRliU=1753219583; 9QXP_D-Yfj34P9KkjmAxeU8RFTo=1753305983; cvUDUKRfuL3KTAMoUzQFT2twWcQ=xt7E7QG4V83SmiDcV314g80XciY; RRczXWMCWpYgMDM7M9iHemAesSw=UBaxlkhfQRW1JE15Rmfjz_WpG0c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Jul 2025 21:26:28 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsD7SaK1S937Kb%2FcPA5xtk2RF%2BeYnyI2xZpWOyekyXpPCY%2FnmBGjShpM%2BJ1C5syllGPoq6Kqriq%2BW97BpUF4HqY0eUUOCHY7VgiSZsG0U%2BRjMe7yXWYOhEPpOcX3dY9Yah45"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
content-encoding: br
cf-ray: 9636043c6dbb7127-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5271&min_rtt=647&rtt_var=5827&sent=70&recv=88&lost=0&retrans=0&sent_bytes=10607&recv_bytes=7693&delivery_rate=424217&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=20068&unsent_bytes=0&cid=4d01c0bf4f378e8a&ts=1031&inflight_dur=54&x=40"
GET payrollreceiving.ju.mp/?/aW5mb3l2ckBzbHVycG1haWwubmV0
200 OK 16 kB URL
payrollreceiving.ju.mp/?/aW5mb3l2ckBzbHVycG1haWwubmV0
IP / ASN
172.64.155.41
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (8127)
First Seen 2025-07-22
Last Seen 2025-07-22
Times Seen 8
Size 16 kB (16106 bytes)
MD5 b1d197e6e52519ed5cfa7eba38b5a388
SHA1 f2a657cacb30972982bacddd46a60a04f5de427b
SHA256 27104aa771e7c7215fcb86c11a724fa815afbb8d7b5c9f2e455b17038f8dad6b
Certificate Info
Issuer Google Trust Services
Subject ju.mp
Fingerprint 41:E6:37:F9:0A:ED:A9:39:A9:D1:D9:CB:46:12:54:70:13:CA:C7:4D
Validity Tue, 01 Jul 2025 12:56:08 GMT - Mon, 29 Sep 2025 13:55:45 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /?/aW5mb3l2ckBzbHVycG1haWwubmV0 HTTP/1.1
Host: payrollreceiving.ju.mp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 22 Jul 2025 21:26:26 GMT
content-type: text/html
last-modified: Tue, 22 Jul 2025 18:25:41 GMT
cache-control: max-age=0
expires: Tue, 22 Jul 2025 21:26:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9636042b0fd956ab-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
503 Service Unavailable 34 kB URL
payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (33564)
First Seen 2025-07-22
Last Seen 2025-07-22
Times Seen 1
Size 34 kB (33944 bytes)
MD5 b119b5b182112ad2e260bf83f430238f
SHA1 692eec5eb1ca406e7e69ed930cc8453061ca340f
SHA256 61e31276d1659d0d65fc756110330c75aa97a78c03ea3c2a5e464e532a8643de
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
GET /f45rtfr54456643w3hhyt HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payrollreceiving.ju.mp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 503 Service Unavailable
date: Tue, 22 Jul 2025 21:26:26 GMT
content-type: text/html; charset=utf-8
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sWtF3MnseLPF%2FFPzxX3nFSiiFZFWEFf1E54vI0rdHfGQyJcQNKdGhivTKzx%2F9WbZpwp6d2MLm%2Bn1c6sbH4I6y3ggRQHooPUSJMkPst0%2B"}]}
server: cloudflare
set-cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:10 GMT
el8Agk4V6rUDGedxIqXQTirApUA=1753219570; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:10 GMT
5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:10 GMT
yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:10 GMT
cf-ray: 9636042ef8f70b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET payannualset.xyz/favicon.ico
403 Forbidden 146 B URL
payannualset.xyz/favicon.ico
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Requested by https://payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
Resource Info
File type HTML document, ASCII text, with CRLF line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 15567
Size 146 B (146 bytes)
MD5 9fe3cb2b7313dc79bb477bc8fde184a7
SHA1 4d7b3cb41e90618358d0ee066c45c76227a13747
SHA256 32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
GET /favicon.ico HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payannualset.xyz/f45rtfr54456643w3hhyt
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 22 Jul 2025 21:26:27 GMT
content-type: text/html
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
age: 1144
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WPhchWA9HnEgrBN3pWwgkibNRdGVKxzFXjp8I89fk2IQP8B0L%2BILtnaU5suPg%2FVYBxFo1UyYD9LW87yJvxG9Fvl8qSpJE0xviUZQ%2B4Gv"}]}
content-encoding: br
server: cloudflare
cf-ray: 96360435b8430b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST payannualset.xyz/f45rtfr54456643w3hhyt
204 No Content 0 B URL
payannualset.xyz/f45rtfr54456643w3hhyt
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Requested by https://payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5605996
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
POST /f45rtfr54456643w3hhyt HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
WyBDV8tYnB2tZegEYqKSEyTOwk: 41322746
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp:
X-Requested-TimeStamp-Expire:
X-Requested-TimeStamp-Combination:
X-Requested-Type: GET
X-Requested-Type-Combination: GET
CKhnRcAX3sTav5VjwwisyCWEXDk: -T2LV9LHIP5bod4txoOrCzhhWzI
Content-type: application/x-www-form-urlencoded
Content-Length: 22
Origin: https://payannualset.xyz
DNT: 1
Connection: keep-alive
Referer: https://payannualset.xyz/f45rtfr54456643w3hhyt
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Tue, 22 Jul 2025 21:26:28 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jwh%2BGppplvgarOJhnqmEPeX5phep8rlRxvs%2BnHvAVD%2F018NipX4TL1FSZwDDrk5Zgsvf50WG38ckTlrTkCglEnFtcu8X8orBONyuodUF"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
set-cookie: naEJurpQDJvyFqt9Jp1gsLSgME0=LwzgqdY6wFFHjwBlNyVbmCZBrVw; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:23 GMT
QHHRtAKdal_uTN551W7tRMnRliU=1753219583; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:23 GMT
9QXP_D-Yfj34P9KkjmAxeU8RFTo=1753305983; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:23 GMT
cvUDUKRfuL3KTAMoUzQFT2twWcQ=xt7E7QG4V83SmiDcV314g80XciY; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:23 GMT
RRczXWMCWpYgMDM7M9iHemAesSw=UBaxlkhfQRW1JE15Rmfjz_WpG0c; Path=/; Max-Age=86400; Expires=Wed, 23 Jul 2025 21:26:23 GMT
cf-ray: 96360436088e0b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.googleadservices.com/pagead/aclk?sa=L&ai=CyRiOTwJjZd7nMb2koPMPsuCUmAqyyKOtdLOe-7_dEc6Focr2ARABIIaPgAJgt4SAgPQwoAGCjIGJKcgBBqkCtPCaCrOWbD6oAwGqBO0BT9B7t6l6CqJDxrd8YVByT7tc2dsV0TqfJ1_GykBgeYiahFHhxxgW3wTURhgL-tAQtJY2FRhOBpyxZv0ADKWztmv7dbGm3em3Z0E708ZruC5b62KNfytYSZVfKb1Tf5O68tyRsd3arsovNTWRthdXLEreCI9OJUgh4sSaQ8RvY71psPrqnEHVohd-GtDHRkq5IIHaLoiMLwFyo4etBYyOIkSxZBC4-0B2hewVQOWMW5i7laQ7T5rdop7fZeY2p_ADv9R55EmqFewee7yzCdWhaqNxk-08B0OpOioZ75BYTbdjKHV6hL9kK_YNgQwLwAT06-Hb2QSIBe75g7RMkAYBoAY32AYCgAeCxNHoA4gHAZAHAqgH2baxAqgH4p6xAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAf0mbECqAfmmrECqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAItOipBKgIAbAIArgIAdIIHAiAgICABBACGEIyAoAEOge_8YCAgIBESLfmvyGxCcoaOoGdkD0qgAoTmAsByAsF0AstgAwBogwUKhIKEOS0sQLutbECtbixAru7sQLSDAIIAegMCZoNAS2qDQJOR8gNAdgTDIIUERoPbWFpbC5nb29nbGUuY29tqBUH0BUBmBYB-BYBgBcBuhcCEAE&gclid=CjwKCAiA9ourBhAVEiwA3L5RFgn7euqyDdZN4GkkyO2LQmDf013OYVzEBgezrsfATdCpsszHFoawIRoCmkMQAvD_BwE&cit=CkUKCQiA9ourBhDRARI0AAqinVblpJcV6hFdI6WOA2AnhGqpxF80GubQcgDQWzv_iw9RxvXDM10y5brpKyPNYPjmTBoCGw_w_wcB&num=1&cid=CAQSIgDICaaNNWlrFPVRVO5FNn8zxEPkVnKT9wxodEhzrNIxD5oYAQ&sig=AOD64_23cH0DCJLByH5G6DznpTBH4lKXmw&client=ca-gmail&label=gmail_message_ad_external_click&adurl=https://payrollreceiving.ju.mp?/aW5mb3l2ckBzbHVycG1haWwubmV0
302 Found 16 kB URL
www.googleadservices.com/pagead/aclk?sa=L&ai=CyRiOTwJjZd7nMb2koPMPsuCUmAqyyKOtdLOe-7_dEc6Focr2ARABIIaPgAJgt4SAgPQwoAGCjIGJKcgBBqkCtPCaCrOWbD6oAwGqBO0BT9B7t6l6CqJDxrd8YVByT7tc2dsV0TqfJ1_GykBgeYiahFHhxxgW3wTURhgL-tAQtJY2FRhOBpyxZv0ADKWztmv7dbGm3em3Z0E708ZruC5b62KNfytYSZVfKb1Tf5O68tyRsd3arsovNTWRthdXLEreCI9OJUgh4sSaQ8RvY71psPrqnEHVohd-GtDHRkq5IIHaLoiMLwFyo4etBYyOIkSxZBC4-0B2hewVQOWMW5i7laQ7T5rdop7fZeY2p_ADv9R55EmqFewee7yzCdWhaqNxk-08B0OpOioZ75BYTbdjKHV6hL9kK_YNgQwLwAT06-Hb2QSIBe75g7RMkAYBoAY32AYCgAeCxNHoA4gHAZAHAqgH2baxAqgH4p6xAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAf0mbECqAfmmrECqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAItOipBKgIAbAIArgIAdIIHAiAgICABBACGEIyAoAEOge_8YCAgIBESLfmvyGxCcoaOoGdkD0qgAoTmAsByAsF0AstgAwBogwUKhIKEOS0sQLutbECtbixAru7sQLSDAIIAegMCZoNAS2qDQJOR8gNAdgTDIIUERoPbWFpbC5nb29nbGUuY29tqBUH0BUBmBYB-BYBgBcBuhcCEAE&gclid=CjwKCAiA9ourBhAVEiwA3L5RFgn7euqyDdZN4GkkyO2LQmDf013OYVzEBgezrsfATdCpsszHFoawIRoCmkMQAvD_BwE&cit=CkUKCQiA9ourBhDRARI0AAqinVblpJcV6hFdI6WOA2AnhGqpxF80GubQcgDQWzv_iw9RxvXDM10y5brpKyPNYPjmTBoCGw_w_wcB&num=1&cid=CAQSIgDICaaNNWlrFPVRVO5FNn8zxEPkVnKT9wxodEhzrNIxD5oYAQ&sig=AOD64_23cH0DCJLByH5G6DznpTBH4lKXmw&client=ca-gmail&label=gmail_message_ad_external_click&adurl=https://payrollreceiving.ju.mp?/aW5mb3l2ckBzbHVycG1haWwubmV0
IP / ASN
142.250.74.66
#15169 GOOGLE
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5605996
Size 16 kB (16106 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject www.googleadservices.com
Fingerprint ED:D3:1D:1D:FA:F4:BE:6B:C8:FD:F3:33:88:71:B7:8B:B9:FE:19:3F
Validity Mon, 23 Jun 2025 08:41:48 GMT - Mon, 15 Sep 2025 08:41:47 GMT
GET /pagead/aclk?sa=L&ai=CyRiOTwJjZd7nMb2koPMPsuCUmAqyyKOtdLOe-7_dEc6Focr2ARABIIaPgAJgt4SAgPQwoAGCjIGJKcgBBqkCtPCaCrOWbD6oAwGqBO0BT9B7t6l6CqJDxrd8YVByT7tc2dsV0TqfJ1_GykBgeYiahFHhxxgW3wTURhgL-tAQtJY2FRhOBpyxZv0ADKWztmv7dbGm3em3Z0E708ZruC5b62KNfytYSZVfKb1Tf5O68tyRsd3arsovNTWRthdXLEreCI9OJUgh4sSaQ8RvY71psPrqnEHVohd-GtDHRkq5IIHaLoiMLwFyo4etBYyOIkSxZBC4-0B2hewVQOWMW5i7laQ7T5rdop7fZeY2p_ADv9R55EmqFewee7yzCdWhaqNxk-08B0OpOioZ75BYTbdjKHV6hL9kK_YNgQwLwAT06-Hb2QSIBe75g7RMkAYBoAY32AYCgAeCxNHoA4gHAZAHAqgH2baxAqgH4p6xAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAf0mbECqAfmmrECqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHAKAItOipBKgIAbAIArgIAdIIHAiAgICABBACGEIyAoAEOge_8YCAgIBESLfmvyGxCcoaOoGdkD0qgAoTmAsByAsF0AstgAwBogwUKhIKEOS0sQLutbECtbixAru7sQLSDAIIAegMCZoNAS2qDQJOR8gNAdgTDIIUERoPbWFpbC5nb29nbGUuY29tqBUH0BUBmBYB-BYBgBcBuhcCEAE&gclid=CjwKCAiA9ourBhAVEiwA3L5RFgn7euqyDdZN4GkkyO2LQmDf013OYVzEBgezrsfATdCpsszHFoawIRoCmkMQAvD_BwE&cit=CkUKCQiA9ourBhDRARI0AAqinVblpJcV6hFdI6WOA2AnhGqpxF80GubQcgDQWzv_iw9RxvXDM10y5brpKyPNYPjmTBoCGw_w_wcB&num=1&cid=CAQSIgDICaaNNWlrFPVRVO5FNn8zxEPkVnKT9wxodEhzrNIxD5oYAQ&sig=AOD64_23cH0DCJLByH5G6DznpTBH4lKXmw&client=ca-gmail&label=gmail_message_ad_external_click&adurl=https://payrollreceiving.ju.mp?/aW5mb3l2ckBzbHVycG1haWwubmV0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 22 Jul 2025 21:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
location: https://payrollreceiving.ju.mp?/aW5mb3l2ckBzbHVycG1haWwubmV0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: adclick_server
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
403 Forbidden 1.1 kB URL
payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Resource Info
File type HTML document, ASCII text, with very long lines (945), with CRLF line terminators
First Seen 2025-07-22
Last Seen 2025-07-22
Times Seen 1
Size 1.1 kB (1084 bytes)
MD5 798d3f49aa8d143f316e82fc7da620de
SHA1 6bed0d3024027d7ac9025b664ce49d6e1ca9dcef
SHA256 b1c36f8afb4ec6ef0871a47d62128f76db088dc3e365c511569a371a49955caf
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
GET /f45rtfr54456643w3hhyt HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://payrollreceiving.ju.mp/
DNT: 1
Connection: keep-alive
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU; naEJurpQDJvyFqt9Jp1gsLSgME0=LwzgqdY6wFFHjwBlNyVbmCZBrVw; QHHRtAKdal_uTN551W7tRMnRliU=1753219583; 9QXP_D-Yfj34P9KkjmAxeU8RFTo=1753305983; cvUDUKRfuL3KTAMoUzQFT2twWcQ=xt7E7QG4V83SmiDcV314g80XciY; RRczXWMCWpYgMDM7M9iHemAesSw=UBaxlkhfQRW1JE15Rmfjz_WpG0c
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 22 Jul 2025 21:26:28 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bk9nDPA1ZU5qL%2FqJAlgPd3v8vhJX%2Bzp%2BI1Aq0VevqtEsekXL%2BQwSL7zujpR0bOHBQvY%2BPz1QyMD4Cylj10DkT3%2FZKTSTs%2FoR0LNk9l7cPfey4cp1NrIMN5jdmY5ZeI%2FlRj4a"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 96360439bdab7127-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6570&min_rtt=647&rtt_var=6338&sent=63&recv=83&lost=0&retrans=0&sent_bytes=7834&recv_bytes=5556&delivery_rate=424217&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=18074&unsent_bytes=0&cid=4d01c0bf4f378e8a&ts=911&inflight_dur=31&x=40"
GET payannualset.xyz/favicon.ico
403 Forbidden 146 B URL
payannualset.xyz/favicon.ico
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Requested by https://payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
Resource Info
File type HTML document, ASCII text, with CRLF line terminators
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 15567
Size 146 B (146 bytes)
MD5 9fe3cb2b7313dc79bb477bc8fde184a7
SHA1 4d7b3cb41e90618358d0ee066c45c76227a13747
SHA256 32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
GET /favicon.ico HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payannualset.xyz/f45rtfr54456643w3hhyt
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU; naEJurpQDJvyFqt9Jp1gsLSgME0=LwzgqdY6wFFHjwBlNyVbmCZBrVw; QHHRtAKdal_uTN551W7tRMnRliU=1753219583; 9QXP_D-Yfj34P9KkjmAxeU8RFTo=1753305983; cvUDUKRfuL3KTAMoUzQFT2twWcQ=xt7E7QG4V83SmiDcV314g80XciY; RRczXWMCWpYgMDM7M9iHemAesSw=UBaxlkhfQRW1JE15Rmfjz_WpG0c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 22 Jul 2025 21:26:28 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZnZJ8A2a0mLxLRyspd1BX%2FLF0GJuODSPJ4TpWrCfEzwix%2BvByRGpsTw5fUVpBJLVJyrvvjCGahiEOaJpkVs6nIUOWiLYOie9LZ%2Fbpyz%2F1RspFtF%2BvBTLAesYdIGLdfzpjGI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
age: 1145
cf-cache-status: HIT
content-encoding: br
cf-ray: 9636043c1db97127-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5898&min_rtt=647&rtt_var=6098&sent=65&recv=85&lost=0&retrans=0&sent_bytes=9011&recv_bytes=6307&delivery_rate=424217&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=19225&unsent_bytes=0&cid=4d01c0bf4f378e8a&ts=988&inflight_dur=53&x=40"
POST payannualset.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/0.7103051010329947:1753218630:7Tjk63QoHyAG2x2ijcq0g7BZza5FVWkA8T4rVXynxYo/96360439bdab7127
200 OK 0 B URL
payannualset.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/0.7103051010329947:1753218630:7Tjk63QoHyAG2x2ijcq0g7BZza5FVWkA8T4rVXynxYo/96360439bdab7127
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Requested by https://payannualset.xyz/f45rtfr54456643w3hhyt#infoyvr@slurpmail.net
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5605996
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject payannualset.xyz
Fingerprint 2B:0F:55:0E:9B:0A:47:D1:81:6D:52:69:D0:A6:10:31:4C:E5:AE:3E
Validity Mon, 21 Jul 2025 11:00:55 GMT - Sun, 19 Oct 2025 11:59:27 GMT
POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.7103051010329947:1753218630:7Tjk63QoHyAG2x2ijcq0g7BZza5FVWkA8T4rVXynxYo/96360439bdab7127 HTTP/1.1
Host: payannualset.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Android; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12165
Origin: https://payannualset.xyz
DNT: 1
Connection: keep-alive
Referer: https://payannualset.xyz/f45rtfr54456643w3hhyt
Cookie: KAMZsHtGP4wHWhRelnp447c0UvE=6zXfbKfp24IVMX2BcyqIiQyxlQY; el8Agk4V6rUDGedxIqXQTirApUA=1753219570; 5KDdKMV0p-I72NpzXhHD1pA2J_k=1753305970; yEm6AwHnzE7j3o_0dHmyzyJN_XU=tb6KsxDMvBsSGTgIA3MfBGxkeq8; HDhPYuIhAC52UyZoYG_hZ4yFus4=lkLPZiL_UVgRTxwDers97UXe5XU; naEJurpQDJvyFqt9Jp1gsLSgME0=LwzgqdY6wFFHjwBlNyVbmCZBrVw; QHHRtAKdal_uTN551W7tRMnRliU=1753219583; 9QXP_D-Yfj34P9KkjmAxeU8RFTo=1753305983; cvUDUKRfuL3KTAMoUzQFT2twWcQ=xt7E7QG4V83SmiDcV314g80XciY; RRczXWMCWpYgMDM7M9iHemAesSw=UBaxlkhfQRW1JE15Rmfjz_WpG0c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 22 Jul 2025 21:26:28 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jaSabQkfDF%2FRE5LynseLneY3C7uS0XwsWMNZ6fPuZkZ72SWG8K0wI%2BlFnsTyAMUJx0ZVX7fX448h7qig0LUsy5NW3koafoU9MAOAy9MzwjM7Mpl6CKEDwuecfDzMTofYANN"}],"group":"cf-nel","max_age":604800}
set-cookie: cf_clearance=J0tgTg0ZVfou0u.aJEYSTa5rO0WwlhYJpZfBntMrawY-1753219588-1.2.1.1-4._M.WhMXK3Q0fUQbJ3X6E2lnpPtmM7juVpO2HT5N66x4uWup7Y1LURce0ccT2yCVqNOZeiNFJySw.kwijZVOYS65c0LkapeZUlfr3Wn.t_AysQNJQWkTW2gtTeoFN7qVwAG2qyZm.OYg3K4zaWdaY6d65gHUapFCLe.RNZZ51tDTUR9qmbtq8ZTqlEyzaV6iYfayt4Gu6a_2NykF8mcBq.oZ_VyvlcjBJ_jNKtwXMg; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=payannualset.xyz; Expires=Wed, 22 Jul 2026 21:26:28 GMT
cf-ray: 9636043dddf47127-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4175&min_rtt=341&rtt_var=5195&sent=82&recv=100&lost=0&retrans=0&sent_bytes=16270&recv_bytes=21134&delivery_rate=1934793&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=26224&unsent_bytes=0&cid=4d01c0bf4f378e8a&ts=1270&inflight_dur=75&x=40"
