Report - jswojx.com.atlaq.com/

Report Overview

Visited public
2023-12-11 09:48:34
Tags
URL
jswojx.com.atlaq.com/
Finishing URL
jswojx.com.atlaq.com/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
风车动漫 - 专注动漫的门户网站-风车动漫网

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
whulsaux.com	unknown	2023-01-04	2023-01-04 17:10:35	2023-12-08 17:48:35	873 B	29 kB	139.45.197.244
3xc.be	unknown	unknown	No data	No data	855 B	2.1 kB	5.134.4.122
19youngporn.com	575528	unknown	No data	No data	401 B	0 B	0.0.0.0
t1.gstatic.com	unknown	2008-02-11	2013-05-07 00:57:20	2023-12-09 18:14:16	2.1 kB	4.7 kB	142.250.74.132
traffic.alexa.com	381412	1996-07-17	2012-05-20 23:46:11	2021-05-14 12:40:47	994 B	0 B	0.0.0.0
33streamay.com	unknown	unknown	No data	No data	398 B	187 B	172.234.25.151
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2023-12-10 05:12:52	892 B	451 B	216.239.32.36
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-10 17:58:57	1.1 kB	1.5 kB	139.45.195.8
8anime.art	unknown	unknown	No data	No data	396 B	96 B	172.234.25.151
atlaq.com	460385	2019-04-07	2019-04-10 14:32:55	2023-11-19 12:52:29	866 B	137 kB	104.21.64.58
itweepinbelltor.com	116495	2021-08-11	2021-08-11 13:34:00	2023-12-03 21:43:16	5.1 kB	156 kB	139.45.197.250
jswojx.com.atlaq.com	unknown	unknown	No data	No data	1.4 kB	52 kB	188.114.97.1
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2023-12-10 06:27:18	586 B	578 B	142.250.74.163
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-10 10:23:31	910 B	143 kB	142.250.74.168
amunfezanttor.com	unknown	2023-03-31	2023-03-31 14:42:42	2023-12-11 05:51:24	1.0 kB	1.0 kB	139.45.197.250
80limit.com	unknown	unknown	No data	No data	395 B	15 kB	163.172.63.142

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-11	medium	whulsaux.com	Sinkholed
2023-12-11	medium	amunfezanttor.com	Sinkholed
2023-12-11	medium	whulsaux.com	Sinkholed
2023-12-11	medium	amunfezanttor.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	jswojx.com.atlaq.com/	ScriptElement	3.6 kB	2024-08-20	2024-08-20
Pretty URL jswojx.com.atlaq.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:08 Last Seen2024-08-20 16:08 Times Seen1 Hash 34dce2656b52c3518b6d01bc0ab074d7 193961894995dca3c2de3341b2b81a95ef734be7 894bd5c978b76d8fed38509a5d29a159fb0d990e15e2bc409b545851c3e23163 Loading...

	www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c	ScriptElement	267 kB	2023-12-11	2023-12-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 10:48 Last Seen2023-12-11 10:48 Times Seen1 Hash bc600cc80b75f8c31109ff2159febf4e 4d65f1d3e85c3dec67c8331cc323249abd0d670c 58b31b54c4c3e1aba20b3714d14fa03dce729fa76e2989e39aa50c45801b13c9 Loading...

	unknown	EventHandler	151 B	2024-08-20	2024-08-20
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 16:08 Last Seen2024-08-20 16:08 Times Seen1 Hash bf1ec30dd09865b35cf9487b448468e9 65db83212bc161dc345b196c25fc54a581970db5 d1ac4ec46db2d6b84536348195e0fc9558c69885e8e70b7639d5b05c93fbd6f3 Loading...

	unknown	EventHandler	147 B	2024-08-20	2024-08-20
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 16:08 Last Seen2024-08-20 16:08 Times Seen1 Hash 98482ef65629fec65ae3d65885f8250d 839495a5542e558966cf3acdc565cdcb19b44f15 0348d2080636db6e5715557fb65718e4f7b30faa409b5d79c07b3cebe35582f2 Loading...

	unknown	EventHandler	152 B	2024-08-20	2024-08-20
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 16:08 Last Seen2024-08-20 16:08 Times Seen1 Hash 16002c02d79ec8139ce6d66dd4753bab 93704ef58c65970aa9e060f6b968f818bf2589c4 a59edabf4b47a4f6a0039c32fad6d9cec435d9eb575a67b7f364a27b241e9282 Loading...

	jswojx.com.atlaq.com/	ScriptElement	59 kB	2023-11-11	2024-08-20
Pretty URL jswojx.com.atlaq.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 13:15 Last Seen2024-08-20 19:59 Times Seen27 Hash b19b96f2fc5eeadfd5a5852e5fbd19ab 021c13b5d0cfe7880adaff70d73a5ab6910e1cb5 4be0a27e37a47491b51c4eb6ea1423d82483806e6ce015132a40a0ccb1e96c7d Loading...

	jswojx.com.atlaq.com/	ScriptElement	447 B	2023-11-11	2024-08-20
Pretty URL jswojx.com.atlaq.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-11 13:15 Last Seen2024-08-20 19:59 Times Seen27 Hash edac1ca3689a31cc59d42a6062c37472 c02dff66418e29c297de8c4f07353942ca91bf2d 201665128cc31ad2da0fcf6cbacf714ebba47b34306525369fd8b6be99e7a07d Loading...

	unknown	ScriptElement	88 kB	2023-11-02	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2914 Hash d46d2997ab218d1dba1ab614422ed53f 3f1f6b9847c8ad209835db366c62fcb209b83a67 09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42 Loading...

	jswojx.com.atlaq.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL jswojx.com.atlaq.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 10:31 Times Seen341419 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 10:31 Times Seen340618 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	whulsaux.com/tag.min.js	ScriptElement	81 kB	2023-12-10	2023-12-12
Pretty URL whulsaux.com/tag.min.js IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-10 22:57 Last Seen2023-12-12 05:01 Times Seen23 Hash bb657d1047756d414ca6f954c6d8bb09 7f0be8ba49b51f627cf197b1a312684b9e37a3cc d832287476725c8d9631f8a146e42631811e0db07ec426eabf8b02292803521e Loading...

	unknown	ScriptElement	26 kB	2023-03-07	2025-01-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-01-30 15:49 Times Seen1752 Hash a912e7afe74b51fdd03b28bf67e7d409 85004dfe087af5a730261c85262661d89b3d2516 706b3882753d8f81cfcf35aa2623303b1b380c8106686a4ad12a1fae23cf4650 Loading...

	jswojx.com.atlaq.com/	ScriptElement	154 B	2023-03-10	2025-04-06
Pretty URL jswojx.com.atlaq.com/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 11:07 Last Seen2025-04-06 21:45 Times Seen80 Hash 556aedec3c17b1047b6ea5b24555b6b3 bc98386bf7c5d5088b545befbe3f36738874ca18 25b0f8074b7996c02b28918d9dec52e00501eee8990db393f4a0624d136a828e Loading...

	itweepinbelltor.com/pfe/current/tag.min.js?z=5490114	ScriptElement	13 kB	2023-11-02	2024-08-20
Pretty URL itweepinbelltor.com/pfe/current/tag.min.js?z=5490114 IP 139.45.197.250 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 10:05 Last Seen2024-08-20 21:23 Times Seen2697 Hash 258578af3c107ccb907f73c3a2f4c25f 7a192edea829968fb7f57f2a2fc4cb5b612598be 1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75 Loading...

	www.googletagmanager.com/gtag/js?id=UA-85346163-2	ScriptElement	135 kB	2023-12-11	2023-12-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-85346163-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-11 10:48 Last Seen2023-12-11 10:48 Times Seen1 Hash 9942e42cdbe97a8a9928dfd9a2d0ab54 c0c6ba3e53093d6e5e7c8b0d63a5c7291b32b67a c35352693f3b402b796b792717c6bde4752e5f0da376b94fea9e5c74566299aa Loading...

		Size	First Seen	Last Seen
	#1 Write - 4adc2b935348aab79d5ba700d49694e5	51 kB	2024-08-20 16:08	2024-08-20 16:08
Pretty Observations First Seen2024-08-20 16:08 Last Seen2024-08-20 16:08 Times Seen1 Hash 4adc2b935348aab79d5ba700d49694e5 25f418f691f20feaeee6d1e762741ac1c48d9e96 0e9989d52781967baf3962d89ad989406806877c026a3fab7e5d17b0a1c97f0f Loading...

HTTP Transactions (37)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=UA-85346163-2

142.250.74.168

200 OK

52 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-85346163-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (2213)
Size
52 kB (51623 bytes)
Hash
9942e42cdbe97a8a9928dfd9a2d0ab54
c0c6ba3e53093d6e5e7c8b0d63a5c7291b32b67a
c35352693f3b402b796b792717c6bde4752e5f0da376b94fea9e5c74566299aa

HTTP Headers

GET /gtag/js?id=UA-85346163-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 09:48:08 GMT
expires: Mon, 11 Dec 2023 09:48:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

atlaq.com/logo.png

104.21.64.58

200 OK

117 kB

URL GET HTTP/3
atlaq.com/logo.png
IP
104.21.64.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint5E:AC:5A:49:0B:05:39:5A:D5:49:EF:4E:F8:76:94:B6:C0:A1:29:84
ValidityTue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
PNG image data, 500 x 446, 8-bit/color RGBA, non-interlaced - data
Size
117 kB (117433 bytes)
Hash
792b74959e26cd37fd05dfcd0ef07770
c6e3ed2dd9771b077daf93eda5773cd10d621147
7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b

HTTP Headers

GET /logo.png HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 09:48:08 GMT
content-type: image/png
content-length: 117433
cache-control: public, max-age=31536000
expires: Mon, 25 Nov 2024 02:30:11 GMT
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
vary: User-Agent,Origin, Accept-Encoding
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1322277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZmiLz7R3sYEBwsKFHuXgoTEdet6As0m7YugJohdV7kOVBaVWqpgVGcVSPrRHtiUpCdQTtfDUTBuG8yh%2Ff9lPMWhZrxppEivzFHWDifIy8RSa6i%2BtK9yRlXhy7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833ccf6afed90b59-OSL
alt-svc: h3=":443"; ma=86400

itweepinbelltor.com/zone?pub=0&zone_id=5490114&is_mobile=false&domain=jswojx.com.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471

139.45.197.250

200 OK

888 B

URL GET HTTP/2
itweepinbelltor.com/zone?pub=0&zone_id=5490114&is_mobile=false&domain=jswojx.com.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data - , ASCII text, with very long lines (887)
Size
888 B (888 bytes)
Hash
5800ebd5fac46023ee5ce159af185039
69130d428356b977ec0a5bb70fe95ce3bc947b85
b299942a863006c6c8227371cc765b6eaef53616b56613001feda66f9667444f

HTTP Headers

GET /zone?pub=0&zone_id=5490114&is_mobile=false&domain=jswojx.com.atlaq.com&var=&ymid=&var_3=&tg=0&sw=3.1.471 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:08 GMT
content-type: application/json; charset=utf-8
content-length: 888
x-trace-id: d6b72da0ddfafedc5df9c1806485df94
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type
ASCII text, with very long lines (5955)
Size
90 kB (90234 bytes)
Hash
bc600cc80b75f8c31109ff2159febf4e
4d65f1d3e85c3dec67c8331cc323249abd0d670c
58b31b54c4c3e1aba20b3714d14fa03dce729fa76e2989e39aa50c45801b13c9

HTTP Headers

GET /gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 09:48:08 GMT
expires: Mon, 11 Dec 2023 09:48:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

itweepinbelltor.com/custom

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jswojx.com.atlaq.com/
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data - , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Content-Type: application/json
Content-Length: 377
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: cbd431dc5bc6bf19e5daa087cf6bfa8d
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

whulsaux.com/tag.min.js

139.45.197.244

200 OK

26 kB

URL GET HTTP/2
whulsaux.com/tag.min.js
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
FingerprintA8:C3:DA:A6:D8:7E:B2:1D:20:3B:9D:3B:86:9A:EF:7C:B3:AC:47:D7
ValidityMon, 20 Nov 2023 05:29:27 GMT - Sun, 18 Feb 2024 05:29:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25676 bytes)
Hash
bb657d1047756d414ca6f954c6d8bb09
7f0be8ba49b51f627cf197b1a312684b9e37a3cc
d832287476725c8d9631f8a146e42631811e0db07ec426eabf8b02292803521e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: text/javascript; charset=utf-8
content-length: 25676
content-encoding: br
x-trace-id: dba714ee7b60e46ac870e34b8c36f277
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Sun, 10 Dec 2023 21:45:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

itweepinbelltor.com/pfe/current/tag.min.js?z=5490114

139.45.197.250

200 OK

5.8 kB

URL GET HTTP/2
itweepinbelltor.com/pfe/current/tag.min.js?z=5490114
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
C source, ASCII text, with very long lines (13300), with no line terminators
Size
5.8 kB (5780 bytes)
Hash
258578af3c107ccb907f73c3a2f4c25f
7a192edea829968fb7f57f2a2fc4cb5b612598be
1f945c9c46c47a2b0e867b0d09c3e4559cd768a2d3747abf28d1d65667733b75

HTTP Headers

GET /pfe/current/tag.min.js?z=5490114 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:08 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-33f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type
JSON data - , ASCII text
Size
94 B (94 bytes)
Hash
ff88e6ff67f37714c2d923c3badeb670
9f970e3c4c33973922b10c27a45e8c5e90359238
dc8070a5165c615d83a5406277e782c91abab7479592142d3e49916bce3b52e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Content-Type: application/json
Content-Length: 505
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

80limit.com/favicon.ico

163.172.63.142

200 OK

15 kB

URL GET HTTP/1.1
80limit.com/favicon.ico
IP
163.172.63.142:443
ASN
#12876 Online S.a.s.

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subject80limit.com
Fingerprint7A:D8:3D:D6:BC:F0:55:A6:3B:FF:1B:8C:D7:D1:14:4F:2D:5D:48:05
ValidityWed, 11 Oct 2023 12:03:27 GMT - Tue, 09 Jan 2024 12:03:26 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel - data
Size
15 kB (15086 bytes)
Hash
27f6c7cdbaae146742f8258660ec8480
e0620a61aeb27c5e867f88dd0e56d0b3ffa4e43b
8d8f08db58bf3a5e28f3eff70d930a65617e678f04f4a0f102d4c934fa1ea5f2

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 80limit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.10.1
Date: Mon, 11 Dec 2023 09:48:09 GMT
Content-Type: image/x-icon
Content-Length: 15086
Last-Modified: Mon, 09 Jan 2023 10:08:50 GMT
Connection: keep-alive
ETag: "63bbe7b2-3aee"
Accept-Ranges: bytes

jswojx.com.atlaq.com/

188.114.97.1

200 OK

0 B

URL User Request GET HTTP/2
jswojx.com.atlaq.com/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint76:15:CE:DE:39:63:81:C5:4E:4A:13:3D:70:6B:AE:85:FA:98:9A:38
ValidityFri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: jswojx.com.atlaq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
cf-railgun: direct (waiting for pending WAN connection)
expires: Wed, 10 Jan 2024 09:48:02 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2atX7urLWGi%2FQcftX7vf22GWD%2BRvVGO%2BiTJj8R0G2%2BZeJvYE0b7O76An3E1k%2BYinaFir2J2ILOmd%2BvTsOuKQEgc%2F8pzfQJIZWLlCOqbX%2BBFxsFymiQ2a6LG19NIbG5ifEc1wkbsngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833ccf6b0fb1712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

whulsaux.com/5/6577958/?oo=1&aab=1

139.45.197.244

200 OK

1.4 kB

URL GET HTTP/2
whulsaux.com/5/6577958/?oo=1&aab=1
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
FingerprintA8:C3:DA:A6:D8:7E:B2:1D:20:3B:9D:3B:86:9A:EF:7C:B3:AC:47:D7
ValidityMon, 20 Nov 2023 05:29:27 GMT - Sun, 18 Feb 2024 05:29:26 GMT

File type
gzip compressed data, max speed, from Unix - data
Size
1.4 kB (1413 bytes)
Hash
420f95e956ff19dbab54a65d93e8f71f
54821ff208500daba5fc1eab1871aabfaa4a7213
67ec00b0694b66f10c0ca147709cb5cdafa232922a559cbf7944689b0a8c57c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6577958/?oo=1&aab=1 HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json
x-trace-id: dfe989078d5d91ba82c2df56190e75da
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=63527c6295f246528e7ba36ef5239ed4; expires=Tue, 10 Dec 2024 09:48:09 GMT; path=/; secure; SameSite=None
oaidts=1702288089; expires=Tue, 10 Dec 2024 09:48:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

33streamay.com/favicon.ico

172.234.25.151

403 Forbidden

93 B

URL GET HTTP/1.1
33streamay.com/favicon.ico
IP
172.234.25.151:443
ASN
#20940 Akamai International B.V.

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subject33streamay.com
Fingerprint1A:0C:E0:00:90:4D:FA:92:B5:A6:CF:70:CB:0B:2A:B8:AC:5D:0F:8F
ValidityMon, 13 Nov 2023 13:29:35 GMT - Sun, 11 Feb 2024 13:29:34 GMT

File type
HTML document, ASCII text
Size
93 B (93 bytes)
Hash
b0d506893d4802090edf1644f5f082cd
4bf0d7ecb70703857c7029754fa02a7496313b63
0d3e98ca727fc1201b436170af5a63f23348aaf146a3ac6234f6c4da283e8b34

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 33streamay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
content-length: 93
cache-control: no-cache
content-type: text/html

atlaq.com/style.css

104.21.64.58

200 OK

18 kB

URL GET HTTP/2
atlaq.com/style.css
IP
104.21.64.58:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint5E:AC:5A:49:0B:05:39:5A:D5:49:EF:4E:F8:76:94:B6:C0:A1:29:84
ValidityTue, 29 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (49091), with no line terminators
Size
18 kB (17846 bytes)
Hash
1dc4998a41131ac5df41ae820c7f583c
227aa907d96a66d38f5073700d2d8c5e1262187c
1f807cd9d5d8475f4ec107c17a62318927277940eb8bfe1d386ec97ad4cb9f57

HTTP Headers

GET /style.css HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 09:48:08 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
expires: Fri, 22 Dec 2023 03:51:19 GMT
last-modified: Tue, 25 Oct 2022 04:42:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1663009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7vTaAnik8GEa9m%2Fam2rmPTElFNmUATbuK%2FtPzLyTsHwEq52QgY9yafeexzTq5WfyvVoa5O5H8lfm3zPHHUuogZi2WJsWn02T6UzgDcldQ08In%2FxWPfvvWsfI%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833ccf697eda5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

itweepinbelltor.com/event

139.45.197.250

200 OK

0 B

URL POST HTTP/2
itweepinbelltor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jswojx.com.atlaq.com/
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3bt0v894672372&_p=1702288088946&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2043604979.1702288089&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1702288089&sct=1&seg=0&dl=https%3A%2F%2Fjswojx.com.atlaq.com%2F&dt=%E9%A3%8E%E8%BD%A6%E5%8A%A8%E6%BC%AB%20-%20%E4%B8%93%E6%B3%A8%E5%8A%A8%E6%BC%AB%E7%9A%84%E9%97%A8%E6%88%B7%E7%BD%91%E7%AB%99-%E9%A3%8E%E8%BD%A6%E5%8A%A8%E6%BC%AB%E7%BD%91&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1571

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3bt0v894672372&_p=1702288088946&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2043604979.1702288089&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1702288089&sct=1&seg=0&dl=https%3A%2F%2Fjswojx.com.atlaq.com%2F&dt=%E9%A3%8E%E8%BD%A6%E5%8A%A8%E6%BC%AB%20-%20%E4%B8%93%E6%B3%A8%E5%8A%A8%E6%BC%AB%E7%9A%84%E9%97%A8%E6%88%B7%E7%BD%91%E7%AB%99-%E9%A3%8E%E8%BD%A6%E5%8A%A8%E6%BC%AB%E7%BD%91&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1571
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je3bt0v894672372&_p=1702288088946&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2043604979.1702288089&ul=en-us&sr=1280x1024&_eu=AAAI&_s=1&sid=1702288089&sct=1&seg=0&dl=https%3A%2F%2Fjswojx.com.atlaq.com%2F&dt=%E9%A3%8E%E8%BD%A6%E5%8A%A8%E6%BC%AB%20-%20%E4%B8%93%E6%B3%A8%E5%8A%A8%E6%BC%AB%E7%9A%84%E9%97%A8%E6%88%B7%E7%BD%91%E7%AB%99-%E9%A3%8E%E8%BD%A6%E5%8A%A8%E6%BC%AB%E7%BD%91&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1571 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://jswojx.com.atlaq.com
date: Mon, 11 Dec 2023 09:48:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

itweepinbelltor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
itweepinbelltor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data - , ASCII text
Size
94 B (94 bytes)
Hash
6d63cb739231157729534f95c78e0483
e93df3b7de3b4da5ee072c3a859b71e45fe84792
716d7827b53e3050097441f050a22c34d9ae125f378330d273ac2b2f29a70dcc

HTTP Headers

POST /event HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Content-Type: application/json
Content-Length: 1633
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=f65458021093468c83cd3c3abac205aa&zoneId=5490114&checkDuplicate=true&ymid=&var=

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?pub=0&userId=f65458021093468c83cd3c3abac205aa&zoneId=5490114&checkDuplicate=true&ymid=&var=
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data - , ASCII text
Size
65 B (65 bytes)
Hash
eeff72f5cbb010d6d943ab8a7fa71a6c
30bb07f1c44414f06d937f7c1af862b2ce21f6f0
b78ce5690bab6967bb4f32df08918ab94eec06956804a3dfcdca77debce9511a

HTTP Headers

GET /gid.js?pub=0&userId=f65458021093468c83cd3c3abac205aa&zoneId=5490114&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Cookie: ID=63527c6295f246528e7ba36ef5239ed4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=63527c6295f246528e7ba36ef5239ed4; expires=Tue, 10 Dec 2024 09:48:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL POST HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
Fingerprint94:5D:BD:F9:F6:55:6B:83:55:25:90:4A:5F:E4:CF:19:5E:6B:A2:51
ValidityWed, 22 Nov 2023 20:33:33 GMT - Tue, 20 Feb 2024 20:33:32 GMT

File type
JSON data - , ASCII text
Size
94 B (94 bytes)
Hash
eb2f63fef9187e875bcb6336465f851a
3d45baa0fff6b531ec862215cf13235d8f4428e1
02a76b5e3736fbc0c76bf91e1ad40c4be2231bef9674232a3bc0938cf4bd80e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Content-Type: application/json
Content-Length: 505
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data - , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Content-Type: application/json
Content-Length: 374
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:10 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 598f850153f51fd13795e51e8abe39fa
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=2043604979.1702288089&gtm=45je3bt0v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2027932829

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=2043604979.1702288089&gtm=45je3bt0v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2027932829
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDB:33:6A:DD:DA:72:55:0D:55:09:60:6E:D1:5B:40:D8:2B:9B:4F:3C
ValidityMon, 20 Nov 2023 08:12:16 GMT - Mon, 12 Feb 2024 08:12:15 GMT

File type
GIF image data, version 89a, 1 x 1 - data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=2043604979.1702288089&gtm=45je3bt0v894672372&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2027932829 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 09:48:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://19youngporn.com

142.250.74.132

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://19youngporn.com
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced - data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://19youngporn.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 09:48:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://8anime.art

142.250.74.132

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://8anime.art
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced - data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://8anime.art HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 09:48:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://jswojx.com

142.250.74.132

200 OK

863 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://jswojx.com
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced - data
Size
863 B (863 bytes)
Hash
1a23351427007cc93904d0679ccd6fd2
f32e1667e517c9ca13361c788cb385cd4534d717
7f0bf144307fd6909d843f1b7bb121347555a40e896c4756d625d13212849003

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://jswojx.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.jswojx.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 863
date: Mon, 11 Dec 2023 09:48:10 GMT
expires: Mon, 18 Dec 2023 09:48:10 GMT
cache-control: public, max-age=604800
last-modified: Tue, 18 Feb 2020 02:17:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://33streamay.com

142.250.74.132

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://33streamay.com
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced - data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://33streamay.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 09:48:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3xc.be/favicon.ico

5.134.4.122

302 Found

0 B

URL GET HTTP/2
3xc.be/favicon.ico
IP
5.134.4.122:443
ASN
#34762 Combell NV

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subject3xc.be
Fingerprint02:EC:D4:E7:82:7F:FB:E2:ED:CF:F7:CC:3B:F0:6C:29:6E:B5:1C:BB
ValidityMon, 16 Oct 2023 14:32:40 GMT - Sun, 14 Jan 2024 14:32:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 3xc.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Mon, 11 Dec 2023 09:48:10 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-frame-options: SAMEORIGIN
link: <https://3xc.be/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://3xc.be/wp-json/tribe/events/v1/
x-tec-api-origin: https://3xc.be
x-redirect-by: WordPress
set-cookie: pll_language=nl; expires=Tue, 10-Dec-2024 09:48:10 GMT; Max-Age=31536000; path=/; secure; SameSite=Lax
location: https://3xc.be/wp-content/uploads/2018/11/cropped-LOGO-CLOUD-COMPUTER-COMPANY-32x32.png
X-Firefox-Spdy: h2

itweepinbelltor.com/custom

139.45.197.250

200 OK

39 B

URL OPTIONS HTTP/2
itweepinbelltor.com/custom
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
JSON data - , ASCII text
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Content-Type: application/json
Content-Length: 734
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:10 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d917426685eda3b457a084cef6578aeb
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

3xc.be/wp-content/uploads/2018/11/cropped-LOGO-CLOUD-COMPUTER-COMPANY-32x32.png

5.134.4.122

200 OK

1.3 kB

URL GET HTTP/2
3xc.be/wp-content/uploads/2018/11/cropped-LOGO-CLOUD-COMPUTER-COMPANY-32x32.png
IP
5.134.4.122:443
ASN
#34762 Combell NV

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subject3xc.be
Fingerprint02:EC:D4:E7:82:7F:FB:E2:ED:CF:F7:CC:3B:F0:6C:29:6E:B5:1C:BB
ValidityMon, 16 Oct 2023 14:32:40 GMT - Sun, 14 Jan 2024 14:32:39 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced - data
Size
1.3 kB (1263 bytes)
Hash
e33aff546886ccb862b3bb8a4e196fc6
6543259761b2b7cfb512f5e7906c43cb5ac5915e
1ba9245589b8fd67f712e3c49fcef672b6fb00b2853d364e8738cf17416210ad

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-LOGO-CLOUD-COMPUTER-COMPANY-32x32.png HTTP/1.1
Host: 3xc.be
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:10 GMT
content-type: image/png
content-length: 1263
last-modified: Wed, 14 Nov 2018 16:03:08 GMT
etag: "4ef-57aa211f34700"
accept-ranges: bytes
X-Firefox-Spdy: h2

8anime.art/favicon.ico

172.234.25.151

403 Forbidden

0 B

URL GET HTTP/1.1
8anime.art/favicon.ico
IP
172.234.25.151:443
ASN
#20940 Akamai International B.V.

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subject8anime.art
Fingerprint6C:E3:8A:96:98:EC:E8:2F:F5:35:35:99:2A:CA:D7:6C:3E:A6:2F:3A
ValidityMon, 20 Nov 2023 11:07:16 GMT - Sun, 18 Feb 2024 11:07:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 8anime.art
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
content-length: 93
cache-control: no-cache
content-type: text/html

my.rtmark.net/gid.js?userId=63527c6295f246528e7ba36ef5239ed4

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=63527c6295f246528e7ba36ef5239ed4
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
75b40c2aef2660ca192595fd667e1f6a
e171b9f874c7f7e24a5d7a58949221486b8705df
ff24c11be7ddc422a0227d24e9d6d40eb56dc9eadd7353156960971276cea2ac

HTTP Headers

GET /gid.js?userId=63527c6295f246528e7ba36ef5239ed4 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=63527c6295f246528e7ba36ef5239ed4; expires=Tue, 10 Dec 2024 09:48:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

jswojx.com.atlaq.com/sw-5490114.js

188.114.97.1

404 Not Found

4.8 kB

URL GET HTTP/3
jswojx.com.atlaq.com/sw-5490114.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint76:15:CE:DE:39:63:81:C5:4E:4A:13:3D:70:6B:AE:85:FA:98:9A:38
ValidityFri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with very long lines (5213), with no line terminators
Size
4.8 kB (4828 bytes)
Hash
544e939050d2421a4d8f8ff308ade809
2464e831970ca9846ab4a5e5bf9e6b3184e6557d
32d1737df6b9ece657e8092fcc2f786efbb472e7a84e2baae1fb17efabdded34

HTTP Headers

GET /sw-5490114.js HTTP/1.1
Host: jswojx.com.atlaq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
DNT: 1
Connection: keep-alive
Cookie: _ga_FPZ0VEL1WQ=GS1.1.1702288089.1.0.1702288089.60.0.0; _ga=GA1.1.2043604979.1702288089
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=31536000
expires: Wed, 10 Jan 2024 09:48:09 GMT
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmQhqovwVr8vq9HJraG33D8XoqYzSeS3mEN4tAkqee5ZqHYgx%2B%2FVUvuqVCPObt0iSa9J6ohRim49l3yd89ER%2BBs%2F8%2F0B7SCJzhBOJ%2B%2F9cX3eOkX2DCkvDljjYog1F30prNoP1J5UYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833ccf6cc970712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

itweepinbelltor.com/pfe/current/defaultSkin.min.js

139.45.197.250

200 OK

57 kB

URL GET HTTP/2
itweepinbelltor.com/pfe/current/defaultSkin.min.js
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type

Size
57 kB (57187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-df63"
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.471

139.45.197.250

200 OK

88 kB

URL GET HTTP/2
itweepinbelltor.com/pfe/current/universal.min.js?v=3.1.471
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectitweepinbelltor.com
Fingerprint02:3B:3D:FF:9B:86:67:A5:C6:4C:6C:1F:CB:D0:95:6B:BE:08:B2:DF
ValidityFri, 20 Oct 2023 05:44:18 GMT - Thu, 18 Jan 2024 05:44:17 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87852 bytes)
Hash
d46d2997ab218d1dba1ab614422ed53f
3f1f6b9847c8ad209835db366c62fcb209b83a67
09e8ce2dfeac0ad09cd24788931b38ea7e7592f2c28eecc324b2dd1cd69d1b42

HTTP Headers

GET /pfe/current/universal.min.js?v=3.1.471 HTTP/1.1
Host: itweepinbelltor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
Origin: https://jswojx.com.atlaq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 09:48:08 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 17:44:23 GMT
etag: W/"6564d577-1572c"
access-control-allow-origin: https://jswojx.com.atlaq.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

jswojx.com.atlaq.com/badk.txt

188.114.97.1

200 OK

44 kB

URL GET HTTP/3
jswojx.com.atlaq.com/badk.txt
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jswojx.com.atlaq.com/
Certificate
IssuerCloudflare, Inc.
Subjectatlaq.com
Fingerprint76:15:CE:DE:39:63:81:C5:4E:4A:13:3D:70:6B:AE:85:FA:98:9A:38
ValidityFri, 25 Aug 2023 00:00:00 GMT - Sat, 24 Aug 2024 23:59:59 GMT

File type
ASCII text
Size
44 kB (43852 bytes)
Hash
f4245877e1f9b8764acbac7b475ebf2d
7471a9d7354637651fa5d0200febe7ab162fb69a
bd300473a295a173716b1b182aed7c14e3551f7400360dd5f694115683ccd41c

HTTP Headers

GET /badk.txt HTTP/1.1
Host: jswojx.com.atlaq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jswojx.com.atlaq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 11 Dec 2023 09:48:09 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=2592000
cf-railgun: direct (starting new WAN connection)
expires: Wed, 10 Jan 2024 09:47:58 GMT
last-modified: Mon, 13 Apr 2020 08:00:16 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg%2FU4XGrX5M6qy5fF%2FcHWTa29NGE7X6Gr0L1yr5HEqF%2FWKa3x1wAq6ixwDmkNKL%2FdvQWoRnOVnZNjZEC%2BTTmTJKeO3cpK18RxaE9P2pVDcRCqIgwAiv0d1dhVYq1hqnbGgHVKXpEVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833ccf6b0faf712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=jswojx.com

0.0.0.0

0 B

URL GET
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=jswojx.com
IP
0.0.0.0:0
ASN
#0

Requested by
https://jswojx.com.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=jswojx.com HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

19youngporn.com/favicon.ico

0.0.0.0

0 B

URL GET
19youngporn.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://jswojx.com.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 19youngporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=jswojx.com

0.0.0.0

0 B

URL GET
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=jswojx.com
IP
0.0.0.0:0
ASN
#0

Requested by
https://jswojx.com.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=jswojx.com HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jswojx.com.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML