GET dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
172.240.253.132 200 OK 27 kB
URL
dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (27440), with no line terminators
First Seen 2025-06-04
Last Seen 2025-06-21
Times Seen 6
Size 27 kB (27440 bytes)
MD5 fba451a83f91a2bbe32e4046f60b9b08
SHA1 a316cb73961e0dfc6fe8d132694253535993c869
SHA256 39d4958b825ef4b1e734753497ca81f16f4c98d6fd606d0bf0bdaa5328c526b9
Certificate Info
Issuer Let's Encrypt
Subject dismounttaxigloomy.com
Fingerprint 46:C3:99:A3:AC:26:11:91:79:0C:0F:9E:C0:CC:8A:D7:80:E5:7C:12
Validity Sun, 27 Apr 2025 21:14:01 GMT - Sat, 26 Jul 2025 21:14:00 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /47e256568502d808b0f4997433da285b/invoke.js HTTP/1.1
Host: dismounttaxigloomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: application/javascript
Content-Length: 11563
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 9
Host: dismounttaxigloomy.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1b6d6a9c132af8d3dec54ccccc9482af
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.storageimagedisplay.com/cti/24/5b/3c/245b3c40c6d7a28419b530e0f4c8160a/1708270169.jpg
45.133.44.2 200 OK 76 kB
URL
cdn.storageimagedisplay.com/cti/24/5b/3c/245b3c40c6d7a28419b530e0f4c8160a/1708270169.jpg
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:05:08], progressive, precision 8, 300x250, components 3
First Seen 2024-02-20
Last Seen 2025-07-28
Times Seen 513
Size 76 kB (75664 bytes)
MD5 0ce3d5c31e61b2b14c5ede2cdd64045e
SHA1 4d260a0cc5f3a184568ffe8ca627441ce048a6c4
SHA256 e2955a0eca91674eb16ea126b21a1a04e19a2d7f7ddfdc80f95d2260a0ce6224
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /cti/24/5b/3c/245b3c40c6d7a28419b530e0f4c8160a/1708270169.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:16 GMT
content-type: image/jpeg
content-length: 75664
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:29:37 GMT
etag: "65d22261-12790"
expires: Mon, 16 Jun 2025 19:33:16 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
142.250.74.10 200 OK 28 kB
URL
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
IP / ASN
142.250.74.10
#15169 GOOGLE
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-06-02
Last Seen 2025-08-02
Times Seen 400
Size 28 kB (27925 bytes)
MD5 8ce20b90f602eca81760f51e82ec3323
SHA1 4e3bcb53083c31091d592bad676a2f9745c9db25
SHA256 14f74125fcc00d0afabf2d2db11f273fccb72581fbbb0986895e12e06c3a831f
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint FF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
Validity Mon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT
GET /css2?family=Roboto:wght@100;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jun 2025 19:33:17 GMT
date: Sat, 14 Jun 2025 19:33:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css
188.114.97.1 200 OK 79 kB
URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2024-01-20
Last Seen 2025-08-02
Times Seen 4044
Size 79 kB (78689 bytes)
MD5 3d4123dbfb33d27a5cfdfcfa91df6783
SHA1 e7d0eeeec54b848f0bc3da8685fa3bc88429d660
SHA256 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa8501-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 0
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=MD87XjHooI0r29V%2BU9TVDswtR%2BV1NHNnCTktSPj6FwdW7XA6oyHscVIxP%2B1pDm7RodLTghdJN8S1yh7MIJN8UVCebOBq1HBknF4pJIgkETLHBtdG"}]}
cf-ray: 94fc42305c561c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/css/build/owl.carousel.css?ver=6.5.5
188.114.97.1 200 OK 4.8 kB
URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/css/build/owl.carousel.css?ver=6.5.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2025-04-16
Last Seen 2025-06-28
Times Seen 3
Size 4.8 kB (4781 bytes)
MD5 d7ebac1fafc8e14cf40b94ad334726f4
SHA1 f06321430525f53b876c8239bab52d66d8b47575
SHA256 f23025de14edad0710e80fba7820c0f43bca9a2dae90992ff46c7d49b9585f99
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/css/build/owl.carousel.css?ver=6.5.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/css; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"fbee75849fa9e4c348bf08dc0f802a23"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SFUzYFPqnA1OmTqz0qT2vN4EzGIdFyZOk5JDMNTTlWKlNPNiyqOs0qZb0jNYPE2Aso8fe6BI%2B01g%2FuN1pHFq7fjMwaiqryPw%2BlcKFrH%2BOfS6GfR37gQFWFAygIk1LFyDK6I6P2n51Vhkpb7j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b0fe656c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5313&min_rtt=1583&rtt_var=3529&sent=47&recv=21&lost=0&retrans=0&sent_bytes=29257&recv_bytes=5319&delivery_rate=26556&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=644&x=1", cfExtPri, cfHdrFlush;dur=0
GET invadedisheartentrail.com/ren.gif?sid=H4sIAAAAAAAC_1RTzYsc1Rd9NZNdFj9-wY-FCC24UHA6VV3V1d1mEYxxdDBfJpGAGuRVvVc9z35Vr3yvPiatYDBEsmxBxWX16ZmMxiHoLhtBegSFgYDtahaZTf6DCK6lehpGL9S9t-qcKs65dd8X4_yAeMjp_qXzaiikpCfbTbvx0jWRMFWaxoWrDcdu2qca10Tie6caG3XSxauO6zXtlxtv8nCgTrZsx7Yd22msCs0jtXFyjkKkOz2n2bObXqvptD1s6P_em3wJhlpgxQE5AcFm_3scvQ8RTpHEP57lZpCp9JU34lzSTGkUbPvdZJCoMkF81EbaQpRsL9hQZkbIt0tQyfbCAVSxWTtAIGZk6ZlHCJLthUwExdah0kCCJwjYcZTFFFxOIegUoboFwf4gQMhw4SKS-O4FpUt64xClNTojx_7-C6KckWOPnkIS3z8jxUbjipJ5JlRisBFVEBtTiP4Uab6LbLgEUe4izD6HYA-J_exxJPG9t1QhBo2C6wEE238xDLjb7XjRCqN2Z8Xr0s5K4FO64nTcruPxLrNb0XxQIppC8hGosZDXl7CQRxby1ELM9hue3fVCh7p-1GNhx_ao5zEe2L1uy7ZpL-wgD2sXI2TpCKEcIdS3t1O2ng2K9mamc76VJ6Fpj52d_MNUOr7rdhzHGzt3DzlzymZNGTtI9U0MxAg6_wVmvYJhSzDZjFjvfIaCVSg5QWkISkpQCoIyIyiLaotJ0zLVXSZNHjiL2lpUt5qorD-mWyrr84SA6hE0qzZF-rG5hTBbngwjwyaqTjTIqgkNWDVOD8j_639jXX_wBAO-3-j4gcN9m9qdjuc4tk-DdtsJu07X7_ScltuFERWEWZrPcShm5OkXfkcqZsQqvkZAd2HkLkKxDJo_D1pWoOsVhsmDkMZcSkGHmhpJmyntc9NkvABTFdLsGLIb1lgekOfmm_LeJ3fAw73Tj915INQVUl3hI_ErQV_emVxWJdm8rEpDfrqYZiIWQ1pv0ZWMZnz53tv8Rqk0WztrRt-_FtZA3e5c5SY7RxMmkr4hP5wRjHG9qnTIyc9r5hoPLuVm_Uyukzw9d-n11bU41dwYoZIpaG3wiUYoZuTEb_vzE-KufAChp9B5hTjfI4uAUFOE6U2Y9Ei_UQRaHnGC1EKZVxPdCo4eSjEj57_6DpLvnb6_unb7m-A6aFDB8H-9eNRPNK2_QEU1NnfQ1xZodgtJXKHQFQpZgcoRTL48yVK9d_rPhZRAWpNAamszkFp-eThqI_Yb7Vbg-t2uzyOfRS5zWy7rtW3e82jP93peG5mZrZ9_-Ok_AQAA__8nV6ZpBwUAAA==
172.240.127.234 200 OK 0 B
URL
invadedisheartentrail.com/ren.gif?sid=H4sIAAAAAAAC_1RTzYsc1Rd9NZNdFj9-wY-FCC24UHA6VV3V1d1mEYxxdDBfJpGAGuRVvVc9z35Vr3yvPiatYDBEsmxBxWX16ZmMxiHoLhtBegSFgYDtahaZTf6DCK6lehpGL9S9t-qcKs65dd8X4_yAeMjp_qXzaiikpCfbTbvx0jWRMFWaxoWrDcdu2qca10Tie6caG3XSxauO6zXtlxtv8nCgTrZsx7Yd22msCs0jtXFyjkKkOz2n2bObXqvptD1s6P_em3wJhlpgxQE5AcFm_3scvQ8RTpHEP57lZpCp9JU34lzSTGkUbPvdZJCoMkF81EbaQpRsL9hQZkbIt0tQyfbCAVSxWTtAIGZk6ZlHCJLthUwExdah0kCCJwjYcZTFFFxOIegUoboFwf4gQMhw4SKS-O4FpUt64xClNTojx_7-C6KckWOPnkIS3z8jxUbjipJ5JlRisBFVEBtTiP4Uab6LbLgEUe4izD6HYA-J_exxJPG9t1QhBo2C6wEE238xDLjb7XjRCqN2Z8Xr0s5K4FO64nTcruPxLrNb0XxQIppC8hGosZDXl7CQRxby1ELM9hue3fVCh7p-1GNhx_ao5zEe2L1uy7ZpL-wgD2sXI2TpCKEcIdS3t1O2ng2K9mamc76VJ6Fpj52d_MNUOr7rdhzHGzt3DzlzymZNGTtI9U0MxAg6_wVmvYJhSzDZjFjvfIaCVSg5QWkISkpQCoIyIyiLaotJ0zLVXSZNHjiL2lpUt5qorD-mWyrr84SA6hE0qzZF-rG5hTBbngwjwyaqTjTIqgkNWDVOD8j_639jXX_wBAO-3-j4gcN9m9qdjuc4tk-DdtsJu07X7_ScltuFERWEWZrPcShm5OkXfkcqZsQqvkZAd2HkLkKxDJo_D1pWoOsVhsmDkMZcSkGHmhpJmyntc9NkvABTFdLsGLIb1lgekOfmm_LeJ3fAw73Tj915INQVUl3hI_ErQV_emVxWJdm8rEpDfrqYZiIWQ1pv0ZWMZnz53tv8Rqk0WztrRt-_FtZA3e5c5SY7RxMmkr4hP5wRjHG9qnTIyc9r5hoPLuVm_Uyukzw9d-n11bU41dwYoZIpaG3wiUYoZuTEb_vzE-KufAChp9B5hTjfI4uAUFOE6U2Y9Ei_UQRaHnGC1EKZVxPdCo4eSjEj57_6DpLvnb6_unb7m-A6aFDB8H-9eNRPNK2_QEU1NnfQ1xZodgtJXKHQFQpZgcoRTL48yVK9d_rPhZRAWpNAamszkFp-eThqI_Yb7Vbg-t2uzyOfRS5zWy7rtW3e82jP93peG5mZrZ9_-Ok_AQAA__8nV6ZpBwUAAA==
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject invadedisheartentrail.com
Fingerprint 95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
Validity Tue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC_1RTzYsc1Rd9NZNdFj9-wY-FCC24UHA6VV3V1d1mEYxxdDBfJpGAGuRVvVc9z35Vr3yvPiatYDBEsmxBxWX16ZmMxiHoLhtBegSFgYDtahaZTf6DCK6lehpGL9S9t-qcKs65dd8X4_yAeMjp_qXzaiikpCfbTbvx0jWRMFWaxoWrDcdu2qca10Tie6caG3XSxauO6zXtlxtv8nCgTrZsx7Yd22msCs0jtXFyjkKkOz2n2bObXqvptD1s6P_em3wJhlpgxQE5AcFm_3scvQ8RTpHEP57lZpCp9JU34lzSTGkUbPvdZJCoMkF81EbaQpRsL9hQZkbIt0tQyfbCAVSxWTtAIGZk6ZlHCJLthUwExdah0kCCJwjYcZTFFFxOIegUoboFwf4gQMhw4SKS-O4FpUt64xClNTojx_7-C6KckWOPnkIS3z8jxUbjipJ5JlRisBFVEBtTiP4Uab6LbLgEUe4izD6HYA-J_exxJPG9t1QhBo2C6wEE238xDLjb7XjRCqN2Z8Xr0s5K4FO64nTcruPxLrNb0XxQIppC8hGosZDXl7CQRxby1ELM9hue3fVCh7p-1GNhx_ao5zEe2L1uy7ZpL-wgD2sXI2TpCKEcIdS3t1O2ng2K9mamc76VJ6Fpj52d_MNUOr7rdhzHGzt3DzlzymZNGTtI9U0MxAg6_wVmvYJhSzDZjFjvfIaCVSg5QWkISkpQCoIyIyiLaotJ0zLVXSZNHjiL2lpUt5qorD-mWyrr84SA6hE0qzZF-rG5hTBbngwjwyaqTjTIqgkNWDVOD8j_639jXX_wBAO-3-j4gcN9m9qdjuc4tk-DdtsJu07X7_ScltuFERWEWZrPcShm5OkXfkcqZsQqvkZAd2HkLkKxDJo_D1pWoOsVhsmDkMZcSkGHmhpJmyntc9NkvABTFdLsGLIb1lgekOfmm_LeJ3fAw73Tj915INQVUl3hI_ErQV_emVxWJdm8rEpDfrqYZiIWQ1pv0ZWMZnz53tv8Rqk0WztrRt-_FtZA3e5c5SY7RxMmkr4hP5wRjHG9qnTIyc9r5hoPLuVm_Uyukzw9d-n11bU41dwYoZIpaG3wiUYoZuTEb_vzE-KufAChp9B5hTjfI4uAUFOE6U2Y9Ei_UQRaHnGC1EKZVxPdCo4eSjEj57_6DpLvnb6_unb7m-A6aFDB8H-9eNRPNK2_QEU1NnfQ1xZodgtJXKHQFQpZgcoRTL48yVK9d_rPhZRAWpNAamszkFp-eThqI_Yb7Vbg-t2uzyOfRS5zWy7rtW3e82jP93peG5mZrZ9_-Ok_AQAA__8nV6ZpBwUAAA== HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 67ad1e6dad5026b8221abfd8a280b2a5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css&l=3487&fd=528
172.240.127.234 200 OK 0 B
URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css&l=3487&fd=528
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css&l=3487&fd=528 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMzNzExNCwiayI6IjQ3ZTI1NjU2ODUwMmQ4MDhiMGY0OTk3NDMzZGEyODViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg0OTA0LCJwaWQiOjk1ODkzLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoicGt6Z2Rpc2RzIiwiY3BrcyI6eyIyOCI6IjM3ZWIzYzg4MDE5Yjg1OGZhYWZhMmZiMWQ5ODIwNDRlIiwiMjkiOiI3NmIxZTYwYTA3NzQxMTA2YWI1NTFjODE4Njc5MTIzOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY2FyZXNheWJldHRlYW5uLnBhZ2VzLmRldi8iLCJhciI6W119fQ.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET experttrafficcounter.com/stats
3.65.59.59 200 OK 40 B
URL
experttrafficcounter.com/stats
IP / ASN
3.65.59.59
#16509 AMAZON-02
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 40 B (40 bytes)
MD5 f228b8fa5457c7a9185bf0f13c525cdb
SHA1 f9d80f41af095098a0aafbb4dc851e9a7b7ad8f5
SHA256 badbccb8fa678cc5039be19440f6df758513b162d39f656bb764b6ea71ed8c3c
Certificate Info
Issuer Amazon
Subject experttrafficcounter.com
Fingerprint CE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
Validity Tue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT
GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://caresaybetteann.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7e1b0b0b-39e1-401b-93c9-bafba5fd8858:2:1; expires=Tue, 12 Jun 2035 19:33:14 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
172.240.253.132 200 OK 28 kB
URL
dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (27472), with no line terminators
First Seen 2025-06-06
Last Seen 2025-06-15
Times Seen 4
Size 28 kB (27472 bytes)
MD5 3da3cd1d771ea694397fe634ae9441b6
SHA1 9aafdfe98f8d5ea3d95e74b711896660240ef66a
SHA256 963e11f631db48af73a916435c3aedf93448b250931ab0ccf247e532f9713954
Certificate Info
Issuer Let's Encrypt
Subject dismounttaxigloomy.com
Fingerprint 46:C3:99:A3:AC:26:11:91:79:0C:0F:9E:C0:CC:8A:D7:80:E5:7C:12
Validity Sun, 27 Apr 2025 21:14:01 GMT - Sat, 26 Jul 2025 21:14:00 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /47e256568502d808b0f4997433da285b/invoke.js HTTP/1.1
Host: dismounttaxigloomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:14 GMT
Content-Type: application/javascript
Content-Length: 11554
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 6
Host: dismounttaxigloomy.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7ae8e0a0d66b31e53e71a4ccdc6d6835
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/v4-shims.min.js?ver=6.1.1
188.114.97.1 200 OK 26 kB
URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/v4-shims.min.js?ver=6.1.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (25929), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-01
Times Seen 1334
Size 26 kB (26153 bytes)
MD5 3c32505e3df0fc7407f2ed5d5b41c3b3
SHA1 2213983476d6ba3fc206457dc959959cc5af21ad
SHA256 74110cf04c05b69b63f47ec3b5d7abb4fc7cefcf82a5bc8001c35eb501cc2d04
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/js/v4-shims.min.js?ver=6.1.1 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"cbe94db5c885400e80df660a15b1e21f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gv0aQvNtBoDJ5gPRQbBZ%2BqYFTI%2BqRJ6UrAqmDWB%2FY6hrDMQwNw30Z5fPvMV54LNFr0YOxaWTN7YK7vh%2BYoAi8hyhSXunMnHqpZZWqsHxX7Zcdz0qxpH8SakS3k3%2Fm%2B3cnm6wDC6ISqAhNVm%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b280856c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3905&min_rtt=1583&rtt_var=2953&sent=62&recv=25&lost=0&retrans=0&sent_bytes=42812&recv_bytes=5503&delivery_rate=1448899&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=711&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
188.114.97.1 200 OK 19 kB
URL
caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 19156, version 1.0
First Seen 2023-04-30
Last Seen 2025-08-02
Times Seen 2505
Size 19 kB (19156 bytes)
MD5 0ceb759015a6df090ad355231fdb39f1
SHA1 b947749baab5bfa0bee35d31e5a5050d4beefe9b
SHA256 db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/ibm-plex-sans/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:15 GMT
content-type: font/woff2
content-length: 19156
cf-ray: 94fc42204e0c56c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5b65d7e89eb39a25f13e3739105cece8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FrycAYhffqIDEmOJZo5qTrFkQyzoVm4bOoPKX0iQjXXo8gF%2FjfRH03sPw2T%2BJg%2BOqWAzpNz5hd%2F1oHMTg0MhkYDNDnSrLW5HarK80AEkxMvdkA0eIBh6IF50ufI%2FQ3gYhvvro8UlSAy4UjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3801&min_rtt=889&rtt_var=3603&sent=730&recv=49&lost=0&retrans=0&sent_bytes=814502&recv_bytes=8152&delivery_rate=3886475&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1497&x=1", cfExtPri, cfHdrFlush;dur=0
GET nannyirrationalacquainted.com/watch.108941178896.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.108.84 307 Temporary Redirect 4.9 kB
URL
nannyirrationalacquainted.com/watch.108941178896.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.108.84
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 4.9 kB (4948 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.108941178896.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
location: https://nannyirrationalacquainted.com/watch.108941178896.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=d4c5e3411cc40ef6462c99acbabb2858e68cc7de2367c1dfeb6532b8aae195489c487430fd6ec51ca07420a70277b6305441ae5be39c1a58042ce0b591355a781358bbcd9d63b69b590a0c3bd9087f078d5c36d8f159d3346261af&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
set-cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; expires=Sat, 14 Jun 2025 19:34:15 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 2
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1fdd85f304c14e480f1aec5585fe34fd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/images/icon-search.png
188.114.97.1 200 OK 1.1 kB
URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/images/icon-search.png
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type PNG image data, 15 x 16, 8-bit/color RGBA, non-interlaced
First Seen 2024-06-04
Last Seen 2025-06-16
Times Seen 6
Size 1.1 kB (1142 bytes)
MD5 63f9e08253fd1bc7770a7e5b4c4b3924
SHA1 ef3db198c8bce01e081d0adbf11759242b0c8c74
SHA256 dd961bf4dd0d3afcff76401e10d7b9148ea897c72b3d05736bdfa6b6b5625a1b
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/images/icon-search.png HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/wp-content/themes/news-press-release/style.css?ver=2.5
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1; pp_main_c331f53d8cb1f5b6cb7f7b13f9d18a13=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:15 GMT
content-type: image/png
content-length: 1142
cf-ray: 94fc42237a4a56c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "f3bf639cf488583837bc2a69f6208754"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ypxeHgQ%2FePk02mJ4zgDjZg%2FirZ%2FVk9V5Syx%2FMlqqK68X3pdCzUDX%2FoCF0%2BJUNG0ZJTJPaELBzgRr7N7agBN74lQThHMiYYVgblRNdakbJ8hAw%2BjixrMhfnELiTIe7LJHiwMwBCLqZNIfxc8Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3948&min_rtt=889&rtt_var=2498&sent=784&recv=53&lost=0&retrans=0&sent_bytes=877741&recv_bytes=8767&delivery_rate=2450386&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1966&x=1", cfExtPri, cfHdrFlush;dur=0
GET praystakeinstinct.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
172.240.127.234 200 OK 65 kB
URL
praystakeinstinct.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (64925), with no line terminators
First Seen 2025-06-10
Last Seen 2025-06-14
Times Seen 2
Size 65 kB (64925 bytes)
MD5 2a8d98a959f315c858be7618eabe2961
SHA1 820d81b952891ef2ec5ec9157636411d0ad48581
SHA256 6bb3c11fc55338cc2e4989229381d3eb0826b160560866e17cfe724d8b61a22f
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /76/b1/e6/76b1e60a07741106ab551c8186791238.js HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: application/javascript
Content-Length: 23610
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 8
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 485124817b22c8ba9de0622438713d94
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET nannyirrationalacquainted.com/sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.253.132 200 OK 7.1 kB
URL
nannyirrationalacquainted.com/sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JSON text data
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 7.1 kB (7055 bytes)
MD5 62814c915554f9b97df11bd7b07a61b1
SHA1 681260abd4bdce2abc96f25c6e8f6974d47e79f0
SHA256 89f63f2fce61fc1702b6335afd2a9fd4440c6a3f490266a7cd70c4d0375d9d62
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
set-cookie: uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; expires=Sat, 21 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
uncs=2; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
u_pl22919410=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 195
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a2cfd0fb6227be977d20672a5b4263b4
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/css/build/bootstrap.css?ver=6.5.5
188.114.97.1 200 OK 196 kB
URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/css/build/bootstrap.css?ver=6.5.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Unicode text, UTF-8 text, with very long lines (560)
First Seen 2023-04-08
Last Seen 2025-08-01
Times Seen 1493
Size 196 kB (195836 bytes)
MD5 f6e962ab807e8058302d1272f059fe45
SHA1 2ad339e5167d5541bc909802909864bedc9dc7c0
SHA256 04d7687506d61e95371d3f311a1904bac4f8721e07123bf0cdc6c3715b8747e1
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/css/build/bootstrap.css?ver=6.5.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/css; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bc5afdd5c06196273d630cf1b2db89e3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuTjGBzC5hyMy4KemjJpLpgJy1TYNcta3JJnAe2mUM03ZqYMSixOSPHPp0rJc58sQ8JDVUBLCm%2BZnlZU8%2F4A15vMT7vFMqKt22lID6HGPy0uH4KsoJA2bFmwxgF3FTPXSH8zqCywiowtF8OL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b0fe256c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2970&min_rtt=1583&rtt_var=1117&sent=137&recv=33&lost=0&retrans=0&sent_bytes=121891&recv_bytes=5884&delivery_rate=7111133&cwnd=33600&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1116&x=1", cfExtPri, cfHdrFlush;dur=0
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css&l=78689&fd=230
172.240.127.234 200 OK 0 B
URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css&l=78689&fd=230
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css&l=78689&fd=230 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js
188.114.97.1 200 OK 90 kB
URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65451)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 2980
Size 90 kB (89492 bytes)
MD5 561acb3e541133bbdd2c0c19f8ee35a1
SHA1 ffd1353cf3f77d25f801c84d8208613eb0d3d548
SHA256 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: application/javascript
content-length: 89492
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: "65aa8501-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 442753
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=S%2Frij4Ra%2BBdmm%2FFLvSj0jvH2gbTW1VYBTUBSNaqX5AgYqT9aEdFiIM%2BnYKAotq5jYT0VL1vh786ciexToad%2BrooXZssYD2DHyULkmP093awGLvem"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94fc42311b95712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.74.35 200 OK 40 kB
URL
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.74.35
#15169 GOOGLE
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-02
Times Seen 97630
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Validity Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 406466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET nannyirrationalacquainted.com/watch.292559168941.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=b457f26122798edb0f06d3eced607fbede590ca7ca6fb37e3aa12a33dbd16b3acd8e5ee5f2e3ec51b0744508f7c6700e8ebe865c2303e9e278142ecc1b27eaf9e6d85d948eab0a89482883a5b26ca55c0ecbbbc092171a0681&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.108.84 200 OK 5.0 kB
URL
nannyirrationalacquainted.com/watch.292559168941.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=b457f26122798edb0f06d3eced607fbede590ca7ca6fb37e3aa12a33dbd16b3acd8e5ee5f2e3ec51b0744508f7c6700e8ebe865c2303e9e278142ecc1b27eaf9e6d85d948eab0a89482883a5b26ca55c0ecbbbc092171a0681&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.108.84
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (4120)
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 5.0 kB (4996 bytes)
MD5 00cf05c95e283025303af103ef3f8a5c
SHA1 9bae767df5c7153e4262f9cb9da56387659b8306
SHA256 e53d6864c681eb7adfa37e6c42a101e51583b85982a85c8532590fbae8cc677a
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.292559168941.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=b457f26122798edb0f06d3eced607fbede590ca7ca6fb37e3aa12a33dbd16b3acd8e5ee5f2e3ec51b0744508f7c6700e8ebe865c2303e9e278142ecc1b27eaf9e6d85d948eab0a89482883a5b26ca55c0ecbbbc092171a0681&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://caresaybetteann.pages.dev
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
set-cookie: uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; expires=Sat, 21 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
u_pl16337114=1; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 14
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 0dbf259a5ab5766cadbb679c7f41250f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET nannyirrationalacquainted.com/watch.108941178896.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=d4c5e3411cc40ef6462c99acbabb2858e68cc7de2367c1dfeb6532b8aae195489c487430fd6ec51ca07420a70277b6305441ae5be39c1a58042ce0b591355a781358bbcd9d63b69b590a0c3bd9087f078d5c36d8f159d3346261af&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.253.132 200 OK 4.9 kB
URL
nannyirrationalacquainted.com/watch.108941178896.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=d4c5e3411cc40ef6462c99acbabb2858e68cc7de2367c1dfeb6532b8aae195489c487430fd6ec51ca07420a70277b6305441ae5be39c1a58042ce0b591355a781358bbcd9d63b69b590a0c3bd9087f078d5c36d8f159d3346261af&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (4072)
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 4.9 kB (4948 bytes)
MD5 4b78232e529d00fdc9e66ebab1d90569
SHA1 a7e054beef2db604eb15a675c15f81c0da47c29c
SHA256 4f6e7098dc5f7a54fb698ba75d6e7c57406f5d9877d4af8becc2a9feb95e4b47
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.108941178896.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=d4c5e3411cc40ef6462c99acbabb2858e68cc7de2367c1dfeb6532b8aae195489c487430fd6ec51ca07420a70277b6305441ae5be39c1a58042ce0b591355a781358bbcd9d63b69b590a0c3bd9087f078d5c36d8f159d3346261af&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://caresaybetteann.pages.dev
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
set-cookie: uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; expires=Sat, 21 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
u_pl16337114=1; expires=Sun, 15 Jun 2025 19:33:15 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 79
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8e23213894c20d532dc504a8032d06f6
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
188.114.97.1 200 OK 19 kB
URL
caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 19440, version 1.0
First Seen 2023-05-03
Last Seen 2025-07-11
Times Seen 1387
Size 19 kB (19440 bytes)
MD5 f9b6356e32a9b93ae0f1c23aa537f2a1
SHA1 0cc73519d7b7fb4e4268727490205df48bd570f6
SHA256 fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1; pp_main_c331f53d8cb1f5b6cb7f7b13f9d18a13=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:16 GMT
content-type: font/woff2
content-length: 19440
cf-ray: 94fc4226ce7256c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "7c6de0a071cbcd9c17fa0c06e013e847"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThRYIWMGFtF8K1YHILtxZRNS%2BfsEdvsD46xgoFPbhMmG0p%2Fv28ifYg5dcEF2RcP81at5GIC3s4zWbCdl3jbglPZTbwJ3GU%2BlS3EDmt5Tb%2FvW84DYJDj7yD%2BiK9QK%2Fay5KzEUV1Y8Uby7MDPK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3124&min_rtt=889&rtt_var=2368&sent=817&recv=59&lost=0&retrans=0&sent_bytes=911822&recv_bytes=10303&delivery_rate=8017734&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=2519&x=1", cfExtPri, cfHdrFlush;dur=0
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css&l=78689&fd=526
172.240.127.234 200 OK 0 B
URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css&l=78689&fd=526
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fanimate.css&l=78689&fd=526 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET invadedisheartentrail.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s0thx-_4MdBhBE8KLiT7umeL3MIxri6mC-TSEANUl1VPVtOTVdb1R-bUTAYIjmOoOKx55ndrMYl6C0XQWYFhYWA42kP2Uv-gwiepWcHVgv6fd9-nreb53n77S_G2QEJkNH9S-f1UCpFTzbrbu2lazLmurC1C1drnlt3T9WuybgVnKptVMHkr3p-UHdfrr0pWF-fbLie63quV1uVRkR64-SchUx2ul6969aDRt1rBtgw_7232RIsdcDzA3ICks_-9zh6H5JNEQ9-PCtsP9XJK28MMkVTbZDz7XfjfqyLGIOjMjIOonh70Q1tZ4R8uwQdby8cQOeblQOEckaWnnmEMN5eyESYbx0qDRVEjJAfR5FPIdQUkk7B9C1I_gcBGMeFi4gHdy9oU9Abhyyt2Bk59vdfkMWMHHv0FOLB_TNKbtSuaJWlUscWG1EJuTGF7E2RZLtIh0uQxS5Y-jkkf0jcZ48jHtx7S-eyX8uF6UPy_RdZKPxOO4hWOHXbK0GHtlfCFqUrXtvveIHocLcRzQcloymUGIFaB1l1SQdZ5CBLHAz4fi1wOwHzqN-Kupy13YAGAReh2-00XJd2WRsZq1yMkCYjMDUCM7fvJnw97eebqcnEZhYzO_a2D6HmHNuqsObY28k-TJTX8v225wVjD4m5ib4cwWS_wK6XsHwJNp0R553PkPMShSAoLEFBCQpJUKQERV5ucWUbtrzLlc1Cb5Ebi-yXE532xnRLpz0RE1AzguHlpkw-trfA0uXJMLJ8oqtAw7Sc0JCX4-SA_L_6Ns71B0_QF_u1div0RMulbrsdeJ7bomGz6bGO12m1u17D78DKEtIuzec4lDPy9Au_I5Ez4uRfI6S7sGoXTC6DZs-DFiXoeolh_IDRgVBK0qGhVtF6QnvC1rnIwXWJJD2G9IYzVgfkufmmvPfJHQi2d_qxPz9gpkRiSnwkfyXoqTuTy7ogm5d1YclPF5NUDuSQVlt0JaWpWL73trhRaMPXztrR96-xiqjKnavCpudozGXcs-SHM5JzYVa1YYL8vGavifBSZtfPZCbOknOXXl9dGyRGWCt1PAWtDD4xYHJGTvy2P_9D_JUPIM0UJisxyPbI4kDqKVhyEzY50m81gVFHPWHioMjKiWmER6CSM3L-q--gxN7p-6trt78Jr4OGJaz414NH9cTQ6g1UlmN7Bz3jgKa3EA9K5KZErkpQNYLNlidpYvZO_7mQEipnEirjbIbKqC8PR23lfi3yRYO5bqfd8vxOJDw_4CxqdoIub1HX9wVSO1s___DTfwIAAP__yglOzgcFAAA=
172.240.127.234 200 OK 0 B
URL
invadedisheartentrail.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s0thx-_4MdBhBE8KLiT7umeL3MIxri6mC-TSEANUl1VPVtOTVdb1R-bUTAYIjmOoOKx55ndrMYl6C0XQWYFhYWA42kP2Uv-gwiepWcHVgv6fd9-nreb53n77S_G2QEJkNH9S-f1UCpFTzbrbu2lazLmurC1C1drnlt3T9WuybgVnKptVMHkr3p-UHdfrr0pWF-fbLie63quV1uVRkR64-SchUx2ul6969aDRt1rBtgw_7232RIsdcDzA3ICks_-9zh6H5JNEQ9-PCtsP9XJK28MMkVTbZDz7XfjfqyLGIOjMjIOonh70Q1tZ4R8uwQdby8cQOeblQOEckaWnnmEMN5eyESYbx0qDRVEjJAfR5FPIdQUkk7B9C1I_gcBGMeFi4gHdy9oU9Abhyyt2Bk59vdfkMWMHHv0FOLB_TNKbtSuaJWlUscWG1EJuTGF7E2RZLtIh0uQxS5Y-jkkf0jcZ48jHtx7S-eyX8uF6UPy_RdZKPxOO4hWOHXbK0GHtlfCFqUrXtvveIHocLcRzQcloymUGIFaB1l1SQdZ5CBLHAz4fi1wOwHzqN-Kupy13YAGAReh2-00XJd2WRsZq1yMkCYjMDUCM7fvJnw97eebqcnEZhYzO_a2D6HmHNuqsObY28k-TJTX8v225wVjD4m5ib4cwWS_wK6XsHwJNp0R553PkPMShSAoLEFBCQpJUKQERV5ucWUbtrzLlc1Cb5Ebi-yXE532xnRLpz0RE1AzguHlpkw-trfA0uXJMLJ8oqtAw7Sc0JCX4-SA_L_6Ns71B0_QF_u1div0RMulbrsdeJ7bomGz6bGO12m1u17D78DKEtIuzec4lDPy9Au_I5Ez4uRfI6S7sGoXTC6DZs-DFiXoeolh_IDRgVBK0qGhVtF6QnvC1rnIwXWJJD2G9IYzVgfkufmmvPfJHQi2d_qxPz9gpkRiSnwkfyXoqTuTy7ogm5d1YclPF5NUDuSQVlt0JaWpWL73trhRaMPXztrR96-xiqjKnavCpudozGXcs-SHM5JzYVa1YYL8vGavifBSZtfPZCbOknOXXl9dGyRGWCt1PAWtDD4xYHJGTvy2P_9D_JUPIM0UJisxyPbI4kDqKVhyEzY50m81gVFHPWHioMjKiWmER6CSM3L-q--gxN7p-6trt78Jr4OGJaz414NH9cTQ6g1UlmN7Bz3jgKa3EA9K5KZErkpQNYLNlidpYvZO_7mQEipnEirjbIbKqC8PR23lfi3yRYO5bqfd8vxOJDw_4CxqdoIub1HX9wVSO1s___DTfwIAAP__yglOzgcFAAA=
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject invadedisheartentrail.com
Fingerprint 95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
Validity Tue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s0thx-_4MdBhBE8KLiT7umeL3MIxri6mC-TSEANUl1VPVtOTVdb1R-bUTAYIjmOoOKx55ndrMYl6C0XQWYFhYWA42kP2Uv-gwiepWcHVgv6fd9-nreb53n77S_G2QEJkNH9S-f1UCpFTzbrbu2lazLmurC1C1drnlt3T9WuybgVnKptVMHkr3p-UHdfrr0pWF-fbLie63quV1uVRkR64-SchUx2ul6969aDRt1rBtgw_7232RIsdcDzA3ICks_-9zh6H5JNEQ9-PCtsP9XJK28MMkVTbZDz7XfjfqyLGIOjMjIOonh70Q1tZ4R8uwQdby8cQOeblQOEckaWnnmEMN5eyESYbx0qDRVEjJAfR5FPIdQUkk7B9C1I_gcBGMeFi4gHdy9oU9Abhyyt2Bk59vdfkMWMHHv0FOLB_TNKbtSuaJWlUscWG1EJuTGF7E2RZLtIh0uQxS5Y-jkkf0jcZ48jHtx7S-eyX8uF6UPy_RdZKPxOO4hWOHXbK0GHtlfCFqUrXtvveIHocLcRzQcloymUGIFaB1l1SQdZ5CBLHAz4fi1wOwHzqN-Kupy13YAGAReh2-00XJd2WRsZq1yMkCYjMDUCM7fvJnw97eebqcnEZhYzO_a2D6HmHNuqsObY28k-TJTX8v225wVjD4m5ib4cwWS_wK6XsHwJNp0R553PkPMShSAoLEFBCQpJUKQERV5ucWUbtrzLlc1Cb5Ebi-yXE532xnRLpz0RE1AzguHlpkw-trfA0uXJMLJ8oqtAw7Sc0JCX4-SA_L_6Ns71B0_QF_u1div0RMulbrsdeJ7bomGz6bGO12m1u17D78DKEtIuzec4lDPy9Au_I5Ez4uRfI6S7sGoXTC6DZs-DFiXoeolh_IDRgVBK0qGhVtF6QnvC1rnIwXWJJD2G9IYzVgfkufmmvPfJHQi2d_qxPz9gpkRiSnwkfyXoqTuTy7ogm5d1YclPF5NUDuSQVlt0JaWpWL73trhRaMPXztrR96-xiqjKnavCpudozGXcs-SHM5JzYVa1YYL8vGavifBSZtfPZCbOknOXXl9dGyRGWCt1PAWtDD4xYHJGTvy2P_9D_JUPIM0UJisxyPbI4kDqKVhyEzY50m81gVFHPWHioMjKiWmER6CSM3L-q--gxN7p-6trt78Jr4OGJaz414NH9cTQ6g1UlmN7Bz3jgKa3EA9K5KZErkpQNYLNlidpYvZO_7mQEipnEirjbIbKqC8PR23lfi3yRYO5bqfd8vxOJDw_4CxqdoIub1HX9wVSO1s___DTfwIAAP__yglOzgcFAAA= HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 6
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 520fb6af93aec045849f0509ecabd52e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET nannyirrationalacquainted.com/pixel/purst?dl=0&th=0&sc=0&rs=1322&rd=1322&fd=638&bv=25.5.2579&tmpl=70
172.240.108.84 200 OK 0 B URL
nannyirrationalacquainted.com/pixel/purst?dl=0&th=0&sc=0&rs=1322&rd=1322&fd=638&bv=25.5.2579&tmpl=70
IP / ASN
172.240.108.84
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1322&rd=1322&fd=638&bv=25.5.2579&tmpl=70 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
188.114.97.1 200 OK 20 kB URL
caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 20064, version 1.0
First Seen 2023-04-30
Last Seen 2025-07-19
Times Seen 792
Size 20 kB (20064 bytes)
MD5 767677e475131fa7d3f37880976bee39
SHA1 386db54484cff1dfee2cbc4441ad790fe9829a6b
SHA256 5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:15 GMT
content-type: font/woff2
content-length: 20064
cf-ray: 94fc42203e0b56c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5b877af4cb82415bbe0a20ae5f0acb18"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ia6bW4EQhGTHPqNM50jikg%2F8o1GcAYiBu7KDHvx5FtAxvFFlQkAyGnmjIOfK9W0k5PvEz0itQK3BeU49yrpQ98131fAr%2B5g4gWIVqcMFOWDEhL%2FIxW3C5fdvr9gQ17S8PsxcSz10RTvZQ5PQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4137&min_rtt=889&rtt_var=3373&sent=747&recv=50&lost=0&retrans=0&sent_bytes=834864&recv_bytes=8205&delivery_rate=2264477&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1529&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
188.114.97.1 200 OK 0 B URL
caresaybetteann.pages.dev/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1; pp_main_c331f53d8cb1f5b6cb7f7b13f9d18a13=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:16 GMT
content-type: text/html; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWF%2F%2BA%2FyZigoQ2ndeEovkdRxA5y%2F0Kr7WpwkrQIewzTsltfyszxmKnV8EpKvtkmrjQaZE1TJctX0DYRsChQ1a%2Bg0g1vBSLRMO4sofHzDwmpND3Od%2BEJUm%2FaRHzD2F8qR5kYbeA1wzu2UvSOc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc4226fec656c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3759&min_rtt=889&rtt_var=2251&sent=789&recv=57&lost=0&retrans=0&sent_bytes=879735&recv_bytes=10212&delivery_rate=10122&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=2372&x=1", cfExtPri, cfHdrFlush;dur=0
GET praystakeinstinct.com/watch.715140583301.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929656&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=62b9af5e9b0f359ad0d85ce498fe778a8edb978b5490bef9913ba651c928ff7947a8d40e077bf269388ba84503b17f3efa5b95c5f1917f4bc656b447d7629656338878f7c43a1f5dbd57514637662b7e1206ff6fb035fde3a6&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.127.234 200 OK 5.0 kB URL
praystakeinstinct.com/watch.715140583301.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929656&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=62b9af5e9b0f359ad0d85ce498fe778a8edb978b5490bef9913ba651c928ff7947a8d40e077bf269388ba84503b17f3efa5b95c5f1917f4bc656b447d7629656338878f7c43a1f5dbd57514637662b7e1206ff6fb035fde3a6&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (4128)
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 5.0 kB (5004 bytes)
MD5 ffcd41e6565d0f8ec2f3bffee1ed18ba
SHA1 3af13bc3b5d0191e6c1c8f99dde20e9b43fbd753
SHA256 98073829b1fcb68766c5c7f45892d1a60a301b8f39b8f520ef956186bbae62dd
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.715140583301.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929656&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=62b9af5e9b0f359ad0d85ce498fe778a8edb978b5490bef9913ba651c928ff7947a8d40e077bf269388ba84503b17f3efa5b95c5f1917f4bc656b447d7629656338878f7c43a1f5dbd57514637662b7e1206ff6fb035fde3a6&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://caresaybetteann.pages.dev
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMzNzExNCwiayI6IjQ3ZTI1NjU2ODUwMmQ4MDhiMGY0OTk3NDMzZGEyODViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg0OTA0LCJwaWQiOjk1ODkzLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoicGt6Z2Rpc2RzIiwiY3BrcyI6eyIyOCI6IjM3ZWIzYzg4MDE5Yjg1OGZhYWZhMmZiMWQ5ODIwNDRlIiwiMjkiOiI3NmIxZTYwYTA3NzQxMTA2YWI1NTFjODE4Njc5MTIzOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY2FyZXNheWJldHRlYW5uLnBhZ2VzLmRldi8iLCJhciI6W119fQ.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
set-cookie: uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; expires=Sat, 21 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
u_pl16337114=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 34
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 66c6313677d7f5d009426f9ca8cf678b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET cdn.storageimagedisplay.com/si/79/2e/e8/792ee83e80b5394e4d3a5125e432eb70/1701650147.png
45.133.44.2 200 OK 14 kB URL
cdn.storageimagedisplay.com/si/79/2e/e8/792ee83e80b5394e4d3a5125e432eb70/1701650147.png
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
First Seen 2023-12-04
Last Seen 2025-08-02
Times Seen 605
Size 14 kB (13731 bytes)
MD5 b39effc8e82a1a83041a3282200f2d32
SHA1 4dd606913c72d9728485151e85d6f4a431f6215b
SHA256 e5375e1f3bac974f8fed58b80f75290dd66b7d71873f9c489aefab684f725fdf
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /si/79/2e/e8/792ee83e80b5394e4d3a5125e432eb70/1701650147.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: image/png
content-length: 13731
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 00:35:56 GMT
etag: "656d1eec-35a3"
expires: Mon, 16 Jun 2025 19:33:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
188.114.97.1 200 OK 20 kB URL
caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 20356, version 1.0
First Seen 2023-04-30
Last Seen 2025-08-02
Times Seen 868
Size 20 kB (20356 bytes)
MD5 e78568807d101b47dfd21e34244e072f
SHA1 4cfc3c246e975c42ef684033a58afdacf8d5f54b
SHA256 31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/ibm-plex-sans/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:15 GMT
content-type: font/woff2
content-length: 20356
cf-ray: 94fc42203e0a56c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "39280302ba1390a4890a4ea43740ad8c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNUM478cWN1GlZ2dMv7KH6o3ISb4VpMaaJgisLZGIhwfECeLSjINLSROyBl8%2FZW5Zq59FiyJaeO66NX442UTqpH8PABHtSGw3JW%2BaGxZ2Za0Q0Gd%2By8004VtnxtFFWCgKyOSBeW5oAk%2BeWjz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3857&min_rtt=889&rtt_var=3089&sent=765&recv=51&lost=0&retrans=0&sent_bytes=856141&recv_bytes=8258&delivery_rate=2242152&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1548&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/style.css?ver=2.5
188.114.97.1 200 OK 94 kB URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/style.css?ver=2.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text, with very long lines (1598), with CRLF line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 94 kB (94436 bytes)
MD5 36d7c261d307c7173659bc7cdb3dc970
SHA1 b7fdd6400051bfb9c6b209ccc60a062b954da11b
SHA256 1a6b26289b968c29813afd43b05a65e4b1d77b2c1c0ec875b2f5c1bdf0bfb1ba
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/style.css?ver=2.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/css; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ee81432389637e802536a4c7282053b9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vQUorb1HQG3ZssrCdHqhxDrXd%2FTf1pqv75Sx3vmW%2B%2BmpHFuUzvKu6CP3kxttdf75AoX8udX97rWXSA%2Fee5iRnJygKqF5YvgX%2BQkwaBuvU6bwLnG3EM%2B52r0AmowmFnrK9SguWunJQzR%2BPkU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b0feb56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3420&min_rtt=1583&rtt_var=2513&sent=73&recv=27&lost=0&retrans=0&sent_bytes=53229&recv_bytes=5596&delivery_rate=1152117&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=881&x=1", cfExtPri, cfHdrFlush;dur=0
GET recordedthereby.com/sfp.js
185.196.197.72 200 OK 85 kB URL
recordedthereby.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-01-25
Last Seen 2025-06-27
Times Seen 2209
Size 85 kB (85380 bytes)
MD5 108625937affa4b38bb17cea65510d72
SHA1 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
SHA256 c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Certificate Info
Issuer Let's Encrypt
Subject recordedthereby.com
Fingerprint 43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
Validity Mon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 484c4eae380dd3698a8f857f8c16f470
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html
104.21.95.140 200 OK 1.5 kB URL
cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html
IP / ASN
104.21.95.140
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type HTML document, ASCII text
First Seen 2023-12-18
Last Seen 2025-08-02
Times Seen 331
Size 1.5 kB (1544 bytes)
MD5 972f68410d9349904f897739b33e12cc
SHA1 e41130dbad60e81ad2665bb7407a50888aae8150
SHA256 90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0
Certificate Info
Issuer Google Trust Services
Subject show-sb.com
Fingerprint DF:A8:5A:11:E9:7E:8B:0E:2E:08:20:FB:02:FE:C4:E3:E7:97:E8:3A
Validity Thu, 12 Jun 2025 07:26:41 GMT - Wed, 10 Sep 2025 08:25:04 GMT
GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: text/html
server: cloudflare
last-modified: Fri, 11 Apr 2025 14:28:57 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=psCac1sVGT27xPoEfOKvGWvzCrqhNKjjNOKunNssa8fXpiAhJNqJcwqyMBc8zsfav1xd1lhZcSK4Cqq%2FcTEYxd%2BKLygiQzBb7ungYCU%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94fc422d1f18712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET caresaybetteann.pages.dev/favicon.ico
188.114.97.1 200 OK 37 kB URL
caresaybetteann.pages.dev/favicon.ico
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type HTML document, Unicode text, UTF-8 text, with very long lines (8639), with CRLF, LF line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 37 kB (37237 bytes)
MD5 fe7260d58e061722c34067608e5767d1
SHA1 3b727818c080014a903e41605218d7396048cb55
SHA256 32278bc82b4434065c9d41dd57a0997abd9da9c67f8b017cda725b1fdce05d69
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /favicon.ico HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1; pp_main_c331f53d8cb1f5b6cb7f7b13f9d18a13=1; sb_page_76b1e60a07741106ab551c8186791238=3; sb_main_76b1e60a07741106ab551c8186791238=1; sb_count_76b1e60a07741106ab551c8186791238=2; pbpr0tpuw4isk85t8yg3jb2lj5vqf=nannyirrationalacquainted.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:18 GMT
content-type: text/html; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=103T8%2FaLfcezUlwv4XGdZ2sYjlTBIjv4mR7QSNYf6cjdy7VJ%2FK3uPcNUwEQTqz6oxSIh%2B3rWs1tJ9RgGBg6BX5QOqYZMndKQfgA83ghmPlNaFATorle%2FyX%2FbSF1K93YNTWJ46mh71XskFIs%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc42335cb256c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2919&min_rtt=889&rtt_var=2185&sent=836&recv=61&lost=0&retrans=0&sent_bytes=932525&recv_bytes=10872&delivery_rate=4986393&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=4354&x=1", cfExtPri, cfHdrFlush;dur=0
GET cdn.storageimagedisplay.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg
45.133.44.2 200 OK 87 kB URL
cdn.storageimagedisplay.com/cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:16 15:10:10], progressive, precision 8, 300x250, components 3
First Seen 2024-02-20
Last Seen 2025-07-29
Times Seen 541
Size 87 kB (87019 bytes)
MD5 18c244854d43934c150dd0ca6b68a93b
SHA1 56638de980812f54155699186dd04b19c29ebfd0
SHA256 82951572f360d99180c429e813caf341dc5456524cbf0ec4c4f85dc9e4a9c3fa
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /cti/6c/d9/14/6cd91448da7899cc6ea002250b1e662c/1708270272.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:16 GMT
content-type: image/jpeg
content-length: 87019
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:31:21 GMT
etag: "65d222c9-153eb"
expires: Mon, 16 Jun 2025 19:33:16 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RTz4scxRev3s0thy_f4I-DCCN4UHAn3dM9PTPmEIxxdTG_TCIBNUh1V_VsOdVdbVX_2IyCwRDJcQQVjz2f2c1qXILechFkVlBYCDie9pC95D-I4Fl6dmD1Qb_3-n1eN5_Pq1dfjPMD4iGn-5fOq6GQkp5sN-3GS9dEwlRpGheuNhy7aZ9qXBOJ751qbNROF686rte0X268ycOBOtmyHdt2bKexKjSP1MbJOQqR7vScZs9ueq2m0_awof_7bvIlGGqBFQfkBASb_e9x9D5EOEUS_3iWm0Gm0lfeiHNJM6VRsO13k0GiygTxURppC1GyveiGMjNCvl2CSrYXCqCKzVoBAjEjS888QpBsL2giKLYOmQYSPEHAjqMspuByCkGnCNUtCPYHAUKGCxeRxHcvKF3SG4cordEZOfb3XxDljBx79BSS-P4ZKTYaV5TMM6ESg42ogtiYQvSnSPNdZMMliHIXYfY5BHtI7GePI4nvvaUKMWgUXA8g2P6LYcDdbseLVhi1Oytel3ZWAp_SFafjdh2Pd5ndiuaDEtEUko9AjYW8foSFPLKQpxZitt_w7K4XOtT1ox4LO7ZHPY_xwO51W7ZNe2EHeVirGCFLRwjlCKG-vZUnoWmPnZ38w1Q6vut2HMcbO3dTtp4Nis1M53yzbhk724el9ryGVN_EQIyg819g1isYtgyTzYj1zmcoWIWSE5SGoKQEpSAoM4KyqLaYNC1T3WXS5IGziK1FdKuJyvpjuqWyPk8IqB5Bs2pTpB-bWwiz5ckwMmyiakeDrJrQgFXj9ID8vz4b6_qDJxjw_UbHDxzu29TudDzHsX0atNtO2HW6fqfntNwujKggzNJ8jkMxI0-_8DtSMSNW8TUCugsjdxGKZdD8edCyAl2vMEwehDTmUgo61NRI2kxpn5sm4wWYqpBmx5DdsMbygDw335T3PrkDHu6dfuzODaGukOoKH4lfCfryzuSyKsnmZVUa8tPFNBOxGNJ6i65kNOPL997mN0ql2dpZM_r-tbAG6nTnKjfZOZowkfQN-eGMYIzrVaVDTn5eM9d4cCk362dyneTpuUuvr67FqebGCJVMQWuBTzRCMSMnftuf3xB35QMIPYXOK8T5HlkYhJoiTG_CpEf8jSLQ8qgnSC2UeTXRreCoKMWMnP_qO0i-d_r-6trtb4LroEEFw__14VE-0bT-AxXV2NxBX1ug2S0kcYVCVyhkBSpHMPnyJEv13uk_F1QCaU0Cqa3NQGr55eGojdhvtFuB63e7Po98FrnMbbms17Z5z6M93-t5bWRmtn7-4af_BAAA__8_U7lMBwUAAA==
172.240.127.234 200 OK 0 B URL
shotgunchancecruel.com/ren.gif?sid=H4sIAAAAAAAC_1RTz4scxRev3s0thy_f4I-DCCN4UHAn3dM9PTPmEIxxdTG_TCIBNUh1V_VsOdVdbVX_2IyCwRDJcQQVjz2f2c1qXILechFkVlBYCDie9pC95D-I4Fl6dmD1Qb_3-n1eN5_Pq1dfjPMD4iGn-5fOq6GQkp5sN-3GS9dEwlRpGheuNhy7aZ9qXBOJ751qbNROF686rte0X268ycOBOtmyHdt2bKexKjSP1MbJOQqR7vScZs9ueq2m0_awof_7bvIlGGqBFQfkBASb_e9x9D5EOEUS_3iWm0Gm0lfeiHNJM6VRsO13k0GiygTxURppC1GyveiGMjNCvl2CSrYXCqCKzVoBAjEjS888QpBsL2giKLYOmQYSPEHAjqMspuByCkGnCNUtCPYHAUKGCxeRxHcvKF3SG4cordEZOfb3XxDljBx79BSS-P4ZKTYaV5TMM6ESg42ogtiYQvSnSPNdZMMliHIXYfY5BHtI7GePI4nvvaUKMWgUXA8g2P6LYcDdbseLVhi1Oytel3ZWAp_SFafjdh2Pd5ndiuaDEtEUko9AjYW8foSFPLKQpxZitt_w7K4XOtT1ox4LO7ZHPY_xwO51W7ZNe2EHeVirGCFLRwjlCKG-vZUnoWmPnZ38w1Q6vut2HMcbO3dTtp4Nis1M53yzbhk724el9ryGVN_EQIyg819g1isYtgyTzYj1zmcoWIWSE5SGoKQEpSAoM4KyqLaYNC1T3WXS5IGziK1FdKuJyvpjuqWyPk8IqB5Bs2pTpB-bWwiz5ckwMmyiakeDrJrQgFXj9ID8vz4b6_qDJxjw_UbHDxzu29TudDzHsX0atNtO2HW6fqfntNwujKggzNJ8jkMxI0-_8DtSMSNW8TUCugsjdxGKZdD8edCyAl2vMEwehDTmUgo61NRI2kxpn5sm4wWYqpBmx5DdsMbygDw335T3PrkDHu6dfuzODaGukOoKH4lfCfryzuSyKsnmZVUa8tPFNBOxGNJ6i65kNOPL997mN0ql2dpZM_r-tbAG6nTnKjfZOZowkfQN-eGMYIzrVaVDTn5eM9d4cCk362dyneTpuUuvr67FqebGCJVMQWuBTzRCMSMnftuf3xB35QMIPYXOK8T5HlkYhJoiTG_CpEf8jSLQ8qgnSC2UeTXRreCoKMWMnP_qO0i-d_r-6trtb4LroEEFw__14VE-0bT-AxXV2NxBX1ug2S0kcYVCVyhkBSpHMPnyJEv13uk_F1QCaU0Cqa3NQGr55eGojdhvtFuB63e7Po98FrnMbbms17Z5z6M93-t5bWRmtn7-4af_BAAA__8_U7lMBwUAAA==
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject shotgunchancecruel.com
Fingerprint 57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
Validity Sun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT
GET /ren.gif?sid=H4sIAAAAAAAC_1RTz4scxRev3s0thy_f4I-DCCN4UHAn3dM9PTPmEIxxdTG_TCIBNUh1V_VsOdVdbVX_2IyCwRDJcQQVjz2f2c1qXILechFkVlBYCDie9pC95D-I4Fl6dmD1Qb_3-n1eN5_Pq1dfjPMD4iGn-5fOq6GQkp5sN-3GS9dEwlRpGheuNhy7aZ9qXBOJ751qbNROF686rte0X268ycOBOtmyHdt2bKexKjSP1MbJOQqR7vScZs9ueq2m0_awof_7bvIlGGqBFQfkBASb_e9x9D5EOEUS_3iWm0Gm0lfeiHNJM6VRsO13k0GiygTxURppC1GyveiGMjNCvl2CSrYXCqCKzVoBAjEjS888QpBsL2giKLYOmQYSPEHAjqMspuByCkGnCNUtCPYHAUKGCxeRxHcvKF3SG4cordEZOfb3XxDljBx79BSS-P4ZKTYaV5TMM6ESg42ogtiYQvSnSPNdZMMliHIXYfY5BHtI7GePI4nvvaUKMWgUXA8g2P6LYcDdbseLVhi1Oytel3ZWAp_SFafjdh2Pd5ndiuaDEtEUko9AjYW8foSFPLKQpxZitt_w7K4XOtT1ox4LO7ZHPY_xwO51W7ZNe2EHeVirGCFLRwjlCKG-vZUnoWmPnZ38w1Q6vut2HMcbO3dTtp4Nis1M53yzbhk724el9ryGVN_EQIyg819g1isYtgyTzYj1zmcoWIWSE5SGoKQEpSAoM4KyqLaYNC1T3WXS5IGziK1FdKuJyvpjuqWyPk8IqB5Bs2pTpB-bWwiz5ckwMmyiakeDrJrQgFXj9ID8vz4b6_qDJxjw_UbHDxzu29TudDzHsX0atNtO2HW6fqfntNwujKggzNJ8jkMxI0-_8DtSMSNW8TUCugsjdxGKZdD8edCyAl2vMEwehDTmUgo61NRI2kxpn5sm4wWYqpBmx5DdsMbygDw335T3PrkDHu6dfuzODaGukOoKH4lfCfryzuSyKsnmZVUa8tPFNBOxGNJ6i65kNOPL997mN0ql2dpZM_r-tbAG6nTnKjfZOZowkfQN-eGMYIzrVaVDTn5eM9d4cCk362dyneTpuUuvr67FqebGCJVMQWuBTzRCMSMnftuf3xB35QMIPYXOK8T5HlkYhJoiTG_CpEf8jSLQ8qgnSC2UeTXRreCoKMWMnP_qO0i-d_r-6trtb4LroEEFw__14VE-0bT-AxXV2NxBX1ug2S0kcYVCVyhkBSpHMPnyJEv13uk_F1QCaU0Cqa3NQGr55eGojdhvtFuB63e7Po98FrnMbbms17Z5z6M93-t5bWRmtn7-4af_BAAA__8_U7lMBwUAAA== HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 3e34798a63b8ca0fc50565bdc7f15030
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css
188.114.97.1 200 OK 3.5 kB URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2024-09-26
Last Seen 2025-08-02
Times Seen 315
Size 3.5 kB (3487 bytes)
MD5 f9f1955433320a3b43c5741f2bde9a3d
SHA1 3b70c2a57fad02833bf227d8b6a0391ac8b98432
SHA256 cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa8501-d9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 0
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yMcE6Yqy%2BWOYApf9iIau0%2FEWntOCk82ujKBWh2ukR8HZJnYuzOS9FrsG0gb3GJPo8fLF%2B5Hw%2Fvt0GdDZtK0OwzWQBeVjYx%2BbNgcQE1L2Kc9%2B3zNt"}]}
cf-ray: 94fc42305c541c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css&l=3487&fd=230
172.240.127.234 200 OK 0 B URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css&l=3487&fd=230
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fcss%2Fstyle.css&l=3487&fd=230 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
172.240.253.132 200 OK 28 kB URL
dismounttaxigloomy.com/47e256568502d808b0f4997433da285b/invoke.js
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (27472), with no line terminators
First Seen 2025-06-06
Last Seen 2025-06-15
Times Seen 4
Size 28 kB (27472 bytes)
MD5 3da3cd1d771ea694397fe634ae9441b6
SHA1 9aafdfe98f8d5ea3d95e74b711896660240ef66a
SHA256 963e11f631db48af73a916435c3aedf93448b250931ab0ccf247e532f9713954
Certificate Info
Issuer Let's Encrypt
Subject dismounttaxigloomy.com
Fingerprint 46:C3:99:A3:AC:26:11:91:79:0C:0F:9E:C0:CC:8A:D7:80:E5:7C:12
Validity Sun, 27 Apr 2025 21:14:01 GMT - Sat, 26 Jul 2025 21:14:00 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /47e256568502d808b0f4997433da285b/invoke.js HTTP/1.1
Host: dismounttaxigloomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: application/javascript
Content-Length: 11554
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 11
Host: dismounttaxigloomy.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d8cb3a6ac99381f47298212f60dc04b7
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET nannyirrationalacquainted.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
172.240.253.132 200 OK 65 kB URL
nannyirrationalacquainted.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (64936), with no line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 65 kB (64936 bytes)
MD5 d88ad6d5e72fe911974fb33b7996f2e3
SHA1 c2e056e12d1dc02c42148a62a34217dc4bf03596
SHA256 b499bf0631b2f0c2ac24f51ac89dc61b158292ef2ccea7b864c340d06bdaefba
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /76/b1/e6/76b1e60a07741106ab551c8186791238.js HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: application/javascript
Content-Length: 23613
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 12
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b20bfbc7483d3dd633638b3782a1d107
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.storageimagedisplay.com/si/79/2e/e8/792ee83e80b5394e4d3a5125e432eb70/1701650147.png
45.133.44.2 200 OK 14 kB URL
cdn.storageimagedisplay.com/si/79/2e/e8/792ee83e80b5394e4d3a5125e432eb70/1701650147.png
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
First Seen 2023-12-04
Last Seen 2025-08-02
Times Seen 605
Size 14 kB (13731 bytes)
MD5 b39effc8e82a1a83041a3282200f2d32
SHA1 4dd606913c72d9728485151e85d6f4a431f6215b
SHA256 e5375e1f3bac974f8fed58b80f75290dd66b7d71873f9c489aefab684f725fdf
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /si/79/2e/e8/792ee83e80b5394e4d3a5125e432eb70/1701650147.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: image/png
content-length: 13731
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 00:35:56 GMT
etag: "656d1eec-35a3"
expires: Mon, 16 Jun 2025 19:33:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET unseenreport.com/pxf.gif?uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=c331f53d8cb1f5b6cb7f7b13f9d18a13&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
192.243.59.12 200 OK 0 B URL
unseenreport.com/pxf.gif?uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=c331f53d8cb1f5b6cb7f7b13f9d18a13&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
Validity Sat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=c331f53d8cb1f5b6cb7f7b13f9d18a13&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c8e0a736b9efc3dd01aa773d748b6cae
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js
188.114.97.1 200 OK 957 B URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2023-12-07
Last Seen 2025-08-02
Times Seen 326
Size 957 B (957 bytes)
MD5 41051a33fb99370ee2aeae5227abec51
SHA1 f1b81c1d24d27bea43a09f308ae28668453704fb
SHA256 67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: application/javascript
content-length: 957
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa8501-3bd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XbgKR5izXiIDt47kU5Dae89bCtS8fHvp37iqBUyejzJo0yKkiGDHVtSMWtsWNquOBwqX%2Br08zDnMacSG7MTg41AdYPtc7bvtGbTdzuDtUoTIGGWu"}]}
cf-ray: 94fc42306c771c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js
188.114.97.1 200 OK 957 B URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/script.js
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2023-12-07
Last Seen 2025-08-02
Times Seen 326
Size 957 B (957 bytes)
MD5 41051a33fb99370ee2aeae5227abec51
SHA1 f1b81c1d24d27bea43a09f308ae28668453704fb
SHA256 67f07ddfdc4a81dc7ae4f83c332eb76107442caf0230e307d6398bae7663aa0d
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: application/javascript
content-length: 957
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: "65aa8501-3bd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 0
cf-cache-status: HIT
priority: u=3,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vbdFu0UfxJCjLtdMemSEna8PUXgqAU7sl88rHU9%2FAVwRH%2FK9JlLINNteogx1Mmxp3Z2l7RHJiTs%2BEyQhFIajsvvL6bZKYiIatokNFLok6t0nNLzV"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94fc4231df4e569d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/build/custom.js?ver=2.5
188.114.97.1 200 OK 3.2 kB URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/build/custom.js?ver=2.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with CRLF line terminators
First Seen 2025-04-16
Last Seen 2025-06-28
Times Seen 4
Size 3.2 kB (3248 bytes)
MD5 7ec010f397f4aafafaf8a2b0e2aed55e
SHA1 b75d9da46f5dae775e0a26f0519ce44f493ba257
SHA256 f1f5612cea0aa0811a070fdf386fa82feac4aa5a86bae5082b97b3a1dda34c70
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/js/build/custom.js?ver=2.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a0d8b71f930d7ddf6d923f5e619e145c"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kEHe9sSFlytopru53b8s5NqbVWTfCLZAin0b7jiHNpkvxLbaorEy6lXU3DF34%2FLYN1XdMgtvqwlFMQVjF4LI4pl8fwnkZlPfJvQwF0mzLFGj7mGXtOoEknavvzPMmAPY2IiAZhLerNu5ry%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b280f56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4551&min_rtt=1583&rtt_var=3278&sent=57&recv=23&lost=0&retrans=0&sent_bytes=38201&recv_bytes=5411&delivery_rate=1654310&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=699&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/build/owl.carousel.js?ver=2.6.0
188.114.97.1 200 OK 90 kB URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/build/owl.carousel.js?ver=2.6.0
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (360)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 4079
Size 90 kB (89992 bytes)
MD5 ccdf893e7d8b26933af0c336bcc3943e
SHA1 ac575ba3377f95ef22bad865ec35b0b3dcb0dfe0
SHA256 db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/js/build/owl.carousel.js?ver=2.6.0 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5abc8447b60c0584f011360d8a4ab367"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mcLtbqCefajhGaZq39oETxS8RnRIQA0DJ46gj%2BX0MvGQRDp1%2BosF6%2FzJRbUD%2B8zYntNSQrTYuR9dhof28fJUPb4y%2Bkpd4QUn4ovJjCm5li2RlkWRv%2Fxn4v2nvqdBuC6WoIT2XJnAehTEKAN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b280b56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6820&min_rtt=6627&rtt_var=2871&sent=23&recv=18&lost=0&retrans=0&sent_bytes=4458&recv_bytes=5187&delivery_rate=72463&cwnd=12000&unsent_bytes=0&cid=c58715e005e4cf5b&ts=510&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX7KVElMYYaJe8bpLHnCwDKhdTmyIJcdvfu.woff2
188.114.97.1 200 OK 21 kB URL
caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX7KVElMYYaJe8bpLHnCwDKhdTmyIJcdvfu.woff2
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 21440, version 1.0
First Seen 2023-05-07
Last Seen 2025-06-28
Times Seen 37
Size 21 kB (21440 bytes)
MD5 04ef253b2515a147cacc833b2e9a8992
SHA1 5b3f4c1e95cdccc023ec0167d6aed61b51e07110
SHA256 eb496bd284b6b6dbf81957431de8760656781243ee1f06ae380e2165577e37f6
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/ibm-plex-sans/zYX7KVElMYYaJe8bpLHnCwDKhdTmyIJcdvfu.woff2 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:15 GMT
content-type: font/woff2
content-length: 21440
cf-ray: 94fc42204e0d56c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a78310099a45f38f88a9c5097ee62370"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyOd3tHUjhZhS%2F6%2BbpYwAct9%2FD5RzU2ysCaGcjRjWg8V3yt4OFdeGjVFo%2BdvB946YcvEFr%2BU03naFCOjBkZi2sktVkfxWfxsF%2Fod3AwY8pEeiaX72%2FxXS9GO0eNeeu8eknwMCXkra6yjg2O%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4135&min_rtt=889&rtt_var=3912&sent=711&recv=48&lost=0&retrans=0&sent_bytes=791793&recv_bytes=8099&delivery_rate=4581038&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1460&x=1", cfExtPri, cfHdrFlush;dur=0
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css
188.114.97.1 200 OK 79 kB URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/animate.css
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2024-01-20
Last Seen 2025-08-02
Times Seen 4044
Size 79 kB (78689 bytes)
MD5 3d4123dbfb33d27a5cfdfcfa91df6783
SHA1 e7d0eeeec54b848f0bc3da8685fa3bc88429d660
SHA256 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa8501-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oHLKOKdJu53Mc2j0y4%2FA6GjdylTJdxyiWigz9esLB0%2FuZqK4dyn%2FwYFE2w78O8f1tEBw96mKOUrmhAu1OJlcAui1%2FECbTlDu8WDEZlWeeZmQ2YNY"}]}
cf-ray: 94fc422ecac01c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js&l=957&fd=449
172.240.127.234 200 OK 0 B URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js&l=957&fd=449
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js&l=957&fd=449 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:18 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s0thx-_4MdBhBE8KLiT7umeL3MIxri6mC-TSEANUl1VPVtOTVdb1R-bUTAYIjmOoOKx55ndrMYl6C0XQWYFhYWA42kP2Uv-gwiepWcHVl_o9327n6eb53n7rS_G2QEJkNH9S-f1UCpFTzbrbu2lazLmurC1C1drnlt3T9WuybgVnKptVMnkr3p-UHdfrr0pWF-fbLie63quV1uVRkR64-QchUx2ul6969aDRt1rBtgw_7232RIsdcDzA3ICks_-9zh6H5JNEQ9-PCtsP9XJK28MMkVTbZDz7XfjfqyLGIOjNjIOonh7wYa2M0K-XYKOtxcOoPPNygFCOSNLzzxCGG8vZCLMtw6VhgoiRsiPo8inEGoKSadg-hYk_4MAjOPCRcSDuxe0KeiNQ5RW6Iwc-_svyGJGjj16CvHg_hklN2pXtMpSqWOLjaiE3JhC9qZIsl2kwyXIYhcs_RySPyTus8cRD-69pXPZr-XC9CH5_ossFH6nHUQrnLrtlaBD2ythi9IVr-13vEB0uNuI5oOS0RRKjECtg6y6pIMscpAlDgZ8vxa4nYB51G9FXc7abkCDgIvQ7XYarku7rI2MVS5GSJMRmBqBmdvbCV9P-3lzMzWZ2MpiZptjbyf7MFFey_fbnheMvbuHnDlls6KMPSTmJvpyBJP9ArtewvJl2HRGnHc-Q85LFIKgsAQFJSgkQZESFHm5xZVt2PIuVzYLvUVtLKpfTnTaG9MtnfZETEDNCIaXmzL52N4CS5cnw8jyia4SDdNyQkNejpMD8v_q3zjXHzxBX-zX2q3QEy2Xuu124Hlui4bNpsc6XqfV7noNvwMrS0i7NJ_jUM7I0y_8jkTOiJN_jZDuwqpdMLkMmj0PWpSg6yWG8QNGB0IpSYeGWkXrCe0JW-ciB9clkvQY0hvOWB2Q5-ab8t4ndyDY3unH_jzATInElPhI_krQU3cml3VBNi_rwpKfLiapHMghrbboSkpTsXzvbXGj0IavnbWj719jFVC1O1eFTc_RmMu4Z8kPZyTnwqxqwwT5ec1eE-GlzK6fyUycJecuvb66NkiMsFbqeApaGXxiwOSMnPhtf35C_JUPIM0UJisxyPbIIiD1FCy5CZsc6beawKgjTpg4KLJyYhrh0UMlZ-T8V99Bib3T91fXbn8TXgcNS1jxrxeP-omh1ReoLMf2DnrGAU1vIR6UyE2JXJWgagSbLU_SxOyd_nMhJVTOJFTG2QyVUV8ejtrK_VrkiwZz3U675fmdSHh-wFnU7ARd3qKu7wukdrZ-_uGn_wQAAP__J789vgcFAAA=
172.240.127.234 200 OK 0 B URL
shotgunchancecruel.com/impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s0thx-_4MdBhBE8KLiT7umeL3MIxri6mC-TSEANUl1VPVtOTVdb1R-bUTAYIjmOoOKx55ndrMYl6C0XQWYFhYWA42kP2Uv-gwiepWcHVl_o9327n6eb53n7rS_G2QEJkNH9S-f1UCpFTzbrbu2lazLmurC1C1drnlt3T9WuybgVnKptVMnkr3p-UHdfrr0pWF-fbLie63quV1uVRkR64-QchUx2ul6969aDRt1rBtgw_7232RIsdcDzA3ICks_-9zh6H5JNEQ9-PCtsP9XJK28MMkVTbZDz7XfjfqyLGIOjNjIOonh7wYa2M0K-XYKOtxcOoPPNygFCOSNLzzxCGG8vZCLMtw6VhgoiRsiPo8inEGoKSadg-hYk_4MAjOPCRcSDuxe0KeiNQ5RW6Iwc-_svyGJGjj16CvHg_hklN2pXtMpSqWOLjaiE3JhC9qZIsl2kwyXIYhcs_RySPyTus8cRD-69pXPZr-XC9CH5_ossFH6nHUQrnLrtlaBD2ythi9IVr-13vEB0uNuI5oOS0RRKjECtg6y6pIMscpAlDgZ8vxa4nYB51G9FXc7abkCDgIvQ7XYarku7rI2MVS5GSJMRmBqBmdvbCV9P-3lzMzWZ2MpiZptjbyf7MFFey_fbnheMvbuHnDlls6KMPSTmJvpyBJP9ArtewvJl2HRGnHc-Q85LFIKgsAQFJSgkQZESFHm5xZVt2PIuVzYLvUVtLKpfTnTaG9MtnfZETEDNCIaXmzL52N4CS5cnw8jyia4SDdNyQkNejpMD8v_q3zjXHzxBX-zX2q3QEy2Xuu124Hlui4bNpsc6XqfV7noNvwMrS0i7NJ_jUM7I0y_8jkTOiJN_jZDuwqpdMLkMmj0PWpSg6yWG8QNGB0IpSYeGWkXrCe0JW-ciB9clkvQY0hvOWB2Q5-ab8t4ndyDY3unH_jzATInElPhI_krQU3cml3VBNi_rwpKfLiapHMghrbboSkpTsXzvbXGj0IavnbWj719jFVC1O1eFTc_RmMu4Z8kPZyTnwqxqwwT5ec1eE-GlzK6fyUycJecuvb66NkiMsFbqeApaGXxiwOSMnPhtf35C_JUPIM0UJisxyPbIIiD1FCy5CZsc6beawKgjTpg4KLJyYhrh0UMlZ-T8V99Bib3T91fXbn8TXgcNS1jxrxeP-omh1ReoLMf2DnrGAU1vIR6UyE2JXJWgagSbLU_SxOyd_nMhJVTOJFTG2QyVUV8ejtrK_VrkiwZz3U675fmdSHh-wFnU7ARd3qKu7wukdrZ-_uGn_wQAAP__J789vgcFAAA=
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject shotgunchancecruel.com
Fingerprint 57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
Validity Sun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT
GET /impr.gif?sid=H4sIAAAAAAAC_1RTzYscxRuu3s0thx-_4MdBhBE8KLiT7umeL3MIxri6mC-TSEANUl1VPVtOTVdb1R-bUTAYIjmOoOKx55ndrMYl6C0XQWYFhYWA42kP2Uv-gwiepWcHVl_o9327n6eb53n7rS_G2QEJkNH9S-f1UCpFTzbrbu2lazLmurC1C1drnlt3T9WuybgVnKptVMnkr3p-UHdfrr0pWF-fbLie63quV1uVRkR64-QchUx2ul6969aDRt1rBtgw_7232RIsdcDzA3ICks_-9zh6H5JNEQ9-PCtsP9XJK28MMkVTbZDz7XfjfqyLGIOjNjIOonh7wYa2M0K-XYKOtxcOoPPNygFCOSNLzzxCGG8vZCLMtw6VhgoiRsiPo8inEGoKSadg-hYk_4MAjOPCRcSDuxe0KeiNQ5RW6Iwc-_svyGJGjj16CvHg_hklN2pXtMpSqWOLjaiE3JhC9qZIsl2kwyXIYhcs_RySPyTus8cRD-69pXPZr-XC9CH5_ossFH6nHUQrnLrtlaBD2ythi9IVr-13vEB0uNuI5oOS0RRKjECtg6y6pIMscpAlDgZ8vxa4nYB51G9FXc7abkCDgIvQ7XYarku7rI2MVS5GSJMRmBqBmdvbCV9P-3lzMzWZ2MpiZptjbyf7MFFey_fbnheMvbuHnDlls6KMPSTmJvpyBJP9ArtewvJl2HRGnHc-Q85LFIKgsAQFJSgkQZESFHm5xZVt2PIuVzYLvUVtLKpfTnTaG9MtnfZETEDNCIaXmzL52N4CS5cnw8jyia4SDdNyQkNejpMD8v_q3zjXHzxBX-zX2q3QEy2Xuu124Hlui4bNpsc6XqfV7noNvwMrS0i7NJ_jUM7I0y_8jkTOiJN_jZDuwqpdMLkMmj0PWpSg6yWG8QNGB0IpSYeGWkXrCe0JW-ciB9clkvQY0hvOWB2Q5-ab8t4ndyDY3unH_jzATInElPhI_krQU3cml3VBNi_rwpKfLiapHMghrbboSkpTsXzvbXGj0IavnbWj719jFVC1O1eFTc_RmMu4Z8kPZyTnwqxqwwT5ec1eE-GlzK6fyUycJecuvb66NkiMsFbqeApaGXxiwOSMnPhtf35C_JUPIM0UJisxyPbIIiD1FCy5CZsc6beawKgjTpg4KLJyYhrh0UMlZ-T8V99Bib3T91fXbn8TXgcNS1jxrxeP-omh1ReoLMf2DnrGAU1vIR6UyE2JXJWgagSbLU_SxOyd_nMhJVTOJFTG2QyVUV8ejtrK_VrkiwZz3U675fmdSHh-wFnU7ARd3qKu7wukdrZ-_uGn_wQAAP__J789vgcFAAA= HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 2
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 79d9c477f2c2be4cff01832c8f0802c1
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET caresaybetteann.pages.dev/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.5.5
188.114.97.1 200 OK 275 B URL
caresaybetteann.pages.dev/wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.5.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2023-04-07
Last Seen 2025-07-25
Times Seen 216
Size 275 B (275 bytes)
MD5 31fa362afc4b606b43d57b651c9fc23e
SHA1 0c55dca81d9ddcba2c03582e981fc0d7a3ce6c55
SHA256 c097810c5c2818c403e04fffc03a639cde42bdecb0c53323119cd7f77f8394fa
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/plugins/advanced-random-posts-widget/assets/css/arpw-frontend.css?ver=6.5.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/css; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"89495a62273346014c21c363f32c166b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xyBBiR6BHBdOUud%2F7oxv%2FFnF39wgdFRo1IVrFaSwY1ZGLBKUItEn85SB3fKNM1GzsaF6HmCVEbTpqjvZ3IEFkTOVdEYPtIWO0b88ggkIQbC2S8HeSGkmKalcMrKqeV6wgzRsFL9%2BXoq9m6dU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b1ff256c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4853&min_rtt=1583&rtt_var=3566&sent=54&recv=22&lost=0&retrans=0&sent_bytes=36121&recv_bytes=5365&delivery_rate=872529&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=673&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX7KVElMYYaJe8bpLHnCwDKhdTmrINcdvfu.woff2
188.114.97.1 200 OK 21 kB URL
caresaybetteann.pages.dev/wp-content/fonts/ibm-plex-sans/zYX7KVElMYYaJe8bpLHnCwDKhdTmrINcdvfu.woff2
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 20836, version 1.0
First Seen 2023-05-03
Last Seen 2025-06-28
Times Seen 59
Size 21 kB (20836 bytes)
MD5 9e51318603ddc868a463fbffea41cc32
SHA1 daacb3386e54ee4162ce2278ba90162bc922d530
SHA256 db4ff84a87323090f28887bd003613decc12e854ceae8948fef71d14bb9c55e7
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/ibm-plex-sans/zYX7KVElMYYaJe8bpLHnCwDKhdTmrINcdvfu.woff2 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1; pp_main_c331f53d8cb1f5b6cb7f7b13f9d18a13=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:16 GMT
content-type: font/woff2
content-length: 20836
cf-ray: 94fc42262dbe56c9-OSL
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a44cf76166b93fffcc236ec0a3bcd55d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooFvJN7uSMNrFa5l4bwfaiiiaJKISCu9SM4YiECs956xOrixjIkw9JtDW0xp8O%2Be%2BaVjeYjmXf7z%2BoT1cshuB9mc80m0FRbWTKEToFvLJYxGJSkc%2F2NWErx0%2BUlO8cFWRoPtd5MoUMZGY%2BdD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3423&min_rtt=889&rtt_var=2360&sent=798&recv=58&lost=0&retrans=0&sent_bytes=889720&recv_bytes=10257&delivery_rate=60712&cwnd=419400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=2396&x=1", cfExtPri, cfHdrFlush;dur=0
GET nannyirrationalacquainted.com/sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.253.132 200 OK 7.1 kB URL
nannyirrationalacquainted.com/sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JSON text data
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 7.1 kB (7055 bytes)
MD5 2323ab10c1005ef36769f17387ac85fb
SHA1 ecd4b71968484f7375be81445592baf9e94ce896
SHA256 16a7a70b6cf0e858508b607ff695d2b0ef0d0bd7f64dbddd34133162c74d3818
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=76b1e60a07741106ab551c8186791238&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
set-cookie: uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; expires=Sat, 21 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
uncs=2; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
u_pl22919410=1; expires=Sun, 15 Jun 2025 19:33:16 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 195
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1160a2f6129fe976c3344b635af89efd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg
188.114.97.1 200 OK 1.3 kB URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2023-04-07
Last Seen 2025-08-02
Times Seen 2011
Size 1.3 kB (1279 bytes)
MD5 369850b9873659adf0951d845f57dba1
SHA1 a64257186daa33b6b318943a457b6cf8d80b26b6
SHA256 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: image/svg+xml
content-length: 1279
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
etag: "65aa8501-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 442753
cf-cache-status: HIT
priority: u=4,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=q%2B%2Fqthz2ZZ4ZX%2F33Zz1tgXV3aL2oAIdwwxpzYHXjaTM7%2FQtEnPzpOP8qKEujqkdnnC9UUHPSNvzwgAVVaNdSOIShHR4XO0fXzyVOF0GIAoJnmG%2BJ"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 94fc42310b84712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.74.35 200 OK 40 kB URL
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.74.35
#15169 GOOGLE
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-02
Times Seen 97630
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Validity Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 406466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET experttrafficcounter.com/stats
3.65.59.59 200 OK 40 B URL
experttrafficcounter.com/stats
IP / ASN
3.65.59.59
#16509 AMAZON-02
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 40 B (40 bytes)
MD5 5baac77cd29d25aaeb10ee931008e5d0
SHA1 94ebc2f6cc58234ffcdb8971fa872e4ebf2206ae
SHA256 be4e1899f672fb41230b3928d3001a526bfcbdf48af1d94c5718d663be5134d4
Certificate Info
Issuer Amazon
Subject experttrafficcounter.com
Fingerprint CE:93:F6:82:20:C2:20:51:6E:53:85:EC:03:9C:48:F0:13:0B:67:D7
Validity Tue, 29 Apr 2025 00:00:00 GMT - Thu, 28 May 2026 23:59:59 GMT
GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://caresaybetteann.pages.dev
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; expires=Tue, 12 Jun 2035 19:33:14 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png
45.133.44.2 200 OK 128 kB URL
cdn.storageimagedisplay.com/cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
First Seen 2024-02-14
Last Seen 2025-07-27
Times Seen 510
Size 128 kB (128359 bytes)
MD5 4f16ce4e40909eda7bb22f5f73d06049
SHA1 5975a733f4231ac9f0ae476a4be97f1b7e7ad6bb
SHA256 a6159f3d5a1a2ecf48e7d529a1afe6d2117621ea3cdf536bbfde8f203e1af461
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /cti/96/3a/3a/963a3a83f074f5329d85d512def3e421/1707813675.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:16 GMT
content-type: image/png
content-length: 128359
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:41:24 GMT
etag: "65cb2b34-1f567"
expires: Mon, 16 Jun 2025 19:33:16 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.storageimagedisplay.com/si/f4/90/38/f49038f6df185b46cc6e646a1ee94772/1709778664.png
45.133.44.2 200 OK 153 kB URL
cdn.storageimagedisplay.com/si/f4/90/38/f49038f6df185b46cc6e646a1ee94772/1709778664.png
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type PNG image data, 720 x 480, 8-bit/color RGBA, non-interlaced
First Seen 2025-05-22
Last Seen 2025-06-22
Times Seen 90
Size 153 kB (152797 bytes)
MD5 d40bfa96aea99dda66bc72a16f22c531
SHA1 8e0d56bca2496d24affaf889b701b7c80ab38ae5
SHA256 9c344984870bc844be51223e5c127bfb94cd1730c8cdd7bf2761ecd1d523f59a
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /si/f4/90/38/f49038f6df185b46cc6e646a1ee94772/1709778664.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: image/png
content-length: 152797
server: nginx/1.21.6
last-modified: Thu, 07 Mar 2024 02:31:12 GMT
etag: "65e926f0-254dd"
expires: Mon, 16 Jun 2025 19:33:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html&l=1544&fd=504
172.240.127.234 200 OK 0 B URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html&l=1544&fd=504
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html&l=1544&fd=504 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
188.114.97.1 200 OK 30 kB URL
caresaybetteann.pages.dev/wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2025-06-14
Last Seen 2025-06-16
Times Seen 2
Size 30 kB (30116 bytes)
MD5 064ad0e576776d69ed8ea03a67cca63e
SHA1 60d2821ba66a4b8c3fd661cca638f28a23983d1e
SHA256 ab92022154aff1cacf95249e3477c4ddfdafe00ec6ac3b6f969f930b9f131e81
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/fonts/fb6d14462284b92c7e38e757c60e3b4e.css?ver=1.0 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/css; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"69785207e1f65b5299b4dabd74a776e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JMI4%2FAoGtwp7a6y2KPgw34%2F%2Bab9Hf6hN82L6KU%2BL4%2BvHWG4Ef%2B5He%2BDxoRYsCS1PEPRNdh0Icqsrt7BhmPlxr4JdW1BP%2BWnIHV3K97Bpt%2BbpOLs%2FrZctTejLbax6mJpGSXO%2F5TTMKcdKolT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b1ff056c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3667&min_rtt=1583&rtt_var=2690&sent=71&recv=26&lost=0&retrans=0&sent_bytes=51286&recv_bytes=5549&delivery_rate=3934554&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
188.114.97.1 200 OK 14 kB URL
caresaybetteann.pages.dev/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (13479)
First Seen 2023-05-09
Last Seen 2025-08-02
Times Seen 159569
Size 14 kB (13577 bytes)
MD5 9ffeb32e2d9efbf8f70caabded242267
SHA1 3ad0c10e501ac2a9bfa18f9cd7e700219b378738
SHA256 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ff416357a541c2641e2808b797569af3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wlh%2BzJ27LqoyrkOQuaOFcj8JopyzPk3LPei1yVLOgDPyl9ST6d7R%2BA8vtatWIl12QxVkgCLsExXXrkP11rcGI%2FtsjA13sj5kfSaexTQczHDwhpwCJJFpikWmoO%2FKuEQTJSSNLzada9yLIMSR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b1ff456c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4853&min_rtt=1583&rtt_var=3566&sent=50&recv=22&lost=0&retrans=0&sent_bytes=31426&recv_bytes=5365&delivery_rate=872529&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=673&x=1", cfExtPri, cfHdrFlush;dur=0
GET recordedthereby.com/sfp.js
185.196.197.72 200 OK 85 kB
URL
recordedthereby.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-01-25
Last Seen 2025-06-27
Times Seen 2209
Size 85 kB (85380 bytes)
MD5 108625937affa4b38bb17cea65510d72
SHA1 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
SHA256 c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Certificate Info
Issuer Let's Encrypt
Subject recordedthereby.com
Fingerprint 43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
Validity Mon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6133caffb8bad5536e659dc1009e2f19
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html
104.21.95.140 200 OK 1.5 kB
URL
cdn.show-sb.com/sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html
IP / ASN
104.21.95.140
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type HTML document, ASCII text
First Seen 2023-12-18
Last Seen 2025-08-02
Times Seen 331
Size 1.5 kB (1544 bytes)
MD5 972f68410d9349904f897739b33e12cc
SHA1 e41130dbad60e81ad2665bb7407a50888aae8150
SHA256 90c062931018d386488b555fd261405457f9744db31512ff5780d49769d7b0d0
Certificate Info
Issuer Google Trust Services
Subject show-sb.com
Fingerprint DF:A8:5A:11:E9:7E:8B:0E:2E:08:20:FB:02:FE:C4:E3:E7:97:E8:3A
Validity Thu, 12 Jun 2025 07:26:41 GMT - Wed, 10 Sep 2025 08:25:04 GMT
GET /sb/au/78/74/fd/7874fd62186fc577273fa59756d17076/1744381737.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: text/html
server: cloudflare
last-modified: Fri, 11 Apr 2025 14:28:57 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=82OE47%2FfKdUMV2NouEMK7c%2Fnpt51l3L1LGJH8LHO3Ia3ZDKh%2FEWTcf%2FjAhgw1%2F%2FqbmK011oLQKb5y900dsNfhP9eYG6d86p6tnDEVEo%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 94fc422b2d25712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html&l=1544&fd=504
172.240.127.234 200 OK 0 B
URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html&l=1544&fd=504
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F78%2F74%2Ffd%2F7874fd62186fc577273fa59756d17076%2F1744381737.html&l=1544&fd=504 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjMzNzExNCwiayI6IjQ3ZTI1NjU2ODUwMmQ4MDhiMGY0OTk3NDMzZGEyODViIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg0OTA0LCJwaWQiOjk1ODkzLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjMsImFpZCI6NSwicHQiOjQsInBrIjoicGt6Z2Rpc2RzIiwiY3BrcyI6eyIyOCI6IjM3ZWIzYzg4MDE5Yjg1OGZhYWZhMmZiMWQ5ODIwNDRlIiwiMjkiOiI3NmIxZTYwYTA3NzQxMTA2YWI1NTFjODE4Njc5MTIzOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY2FyZXNheWJldHRlYW5uLnBhZ2VzLmRldi8iLCJhciI6W119fQ.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js
188.114.97.1 200 OK 90 kB
URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65451)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 2980
Size 90 kB (89492 bytes)
MD5 561acb3e541133bbdd2c0c19f8ee35a1
SHA1 ffd1353cf3f77d25f801c84d8208613eb0d3d548
SHA256 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: application/javascript
content-length: 89492
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa8501-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 442752
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8pijppA7r6Zb1Jm3jYa%2FO6SiUyEICnTmb3syhDN3AYMJOJJNdlGTHJn6sJM9Vixa6BRpQ4VsNVcCU7mw2YBm%2BUwihV2yxUxM9E%2Be%2FARfjoDZZSiz"}]}
cf-ray: 94fc422f6b891c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
142.250.74.10 200 OK 28 kB
URL
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
IP / ASN
142.250.74.10
#15169 GOOGLE
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-06-02
Last Seen 2025-08-02
Times Seen 400
Size 28 kB (27925 bytes)
MD5 8ce20b90f602eca81760f51e82ec3323
SHA1 4e3bcb53083c31091d592bad676a2f9745c9db25
SHA256 14f74125fcc00d0afabf2d2db11f273fccb72581fbbb0986895e12e06c3a831f
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint FF:78:1F:2C:E7:6A:27:90:8B:25:07:97:DD:25:4A:FA:6F:1F:0F:31
Validity Mon, 19 May 2025 08:42:52 GMT - Mon, 11 Aug 2025 08:42:51 GMT
GET /css2?family=Roboto:wght@100;300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jun 2025 19:33:17 GMT
date: Sat, 14 Jun 2025 19:33:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js&l=957&fd=247
172.240.127.234 200 OK 0 B
URL
praystakeinstinct.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js&l=957&fd=247
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Finterstitial%2Fbottom_banner%2F1%2Fjs%2Fscript.js&l=957&fd=247 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: ain=eyJhbGciOiJIUzI1NiJ9.[...].y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; uid_id2=cbe3874f-da07-48a7-b6aa-173814e8d02f:1:1; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1; u_pl16337114=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:18 GMT
Content-Length: 0
Connection: keep-alive
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET caresaybetteann.pages.dev/
188.114.97.1 200 OK 37 kB
URL
caresaybetteann.pages.dev/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Resource Info
File type HTML document, Unicode text, UTF-8 text, with very long lines (8639), with CRLF, LF line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 37 kB (37237 bytes)
MD5 fe7260d58e061722c34067608e5767d1
SHA1 3b727818c080014a903e41605218d7396048cb55
SHA256 32278bc82b4434065c9d41dd57a0997abd9da9c67f8b017cda725b1fdce05d69
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET / HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:13 GMT
content-type: text/html; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vd6kRMvITHSonF4SwtFSadmiQ1H%2BHvwmqHFTs6CW%2FFOz%2Btn25zmznrjjXw8V%2BMWmkcYEusWAOXBNcOkg5KLl2MBd4OwoLqk8KSf8pj0idoe5LuNZfpA3BjSXq0cCZNsNXiejelxGMiej2hb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc4216ea5f5696-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5858&min_rtt=521&rtt_var=10686&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3318&recv_bytes=1270&delivery_rate=6445103&cwnd=254&unsent_bytes=0&cid=7780847068e30597&ts=250&x=0"
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.74.35 200 OK 40 kB
URL
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.74.35
#15169 GOOGLE
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-02
Times Seen 97630
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint E1:0C:8D:E3:24:8F:B1:9F:BA:8E:CF:BE:4B:8F:D6:6A:39:8A:9D:7A
Validity Mon, 19 May 2025 08:42:51 GMT - Mon, 11 Aug 2025 08:42:50 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 10 Jun 2025 02:38:52 GMT
expires: Wed, 10 Jun 2026 02:38:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 406466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET recordedthereby.com/sfp.js
185.196.197.72 200 OK 85 kB
URL
recordedthereby.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-01-25
Last Seen 2025-06-27
Times Seen 2209
Size 85 kB (85380 bytes)
MD5 108625937affa4b38bb17cea65510d72
SHA1 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
SHA256 c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Certificate Info
Issuer Let's Encrypt
Subject recordedthereby.com
Fingerprint 43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
Validity Mon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:14 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d39b8de978e43b54edf933979663333d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET capaciousdrewreligion.com/advertisers.js
185.196.197.71 200 OK 0 B
URL
capaciousdrewreligion.com/advertisers.js
IP / ASN
185.196.197.71
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject capaciousdrewreligion.com
Fingerprint 4C:9A:D1:39:AD:B4:C8:D5:6E:A1:5A:54:6F:88:D5:0F:D1:C6:5A:06
Validity Fri, 02 May 2025 21:09:09 GMT - Thu, 31 Jul 2025 21:09:08 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4a2fed779b393c76ae5102438abae75e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css
188.114.97.1 200 OK 3.5 kB
URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/css/style.css
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text
First Seen 2024-09-26
Last Seen 2025-08-02
Times Seen 315
Size 3.5 kB (3487 bytes)
MD5 f9f1955433320a3b43c5741f2bde9a3d
SHA1 3b70c2a57fad02833bf227d8b6a0391ac8b98432
SHA256 cbb99d697521db3b645225c1b50873e6aa8a39c91afcc7c8dd756746b8bf2645
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa8501-d9f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=tJ8sewc2N%2BALZp8Dd3LvkqlByFKv8OoFi1vztJzZStZxpiRm8rZXv6EOPZe%2FZTOcELaq%2Bc1CPeLUA%2Fob6RWIDiy%2FNZqKJM6JeqAASDv5BY%2BJUXHS"}]}
cf-ray: 94fc422edacc1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET invadedisheartentrail.com/pixel/sbs?c=1
172.240.127.234 200 OK 0 B
URL
invadedisheartentrail.com/pixel/sbs?c=1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject invadedisheartentrail.com
Fingerprint 95:61:8E:B5:87:C3:51:FF:61:D7:15:A0:D3:84:2F:F7:62:3D:AF:A5
Validity Tue, 29 Apr 2025 21:47:10 GMT - Mon, 28 Jul 2025 21:47:09 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: invadedisheartentrail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:18 GMT
Content-Length: 0
Connection: keep-alive
Host: invadedisheartentrail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET caresaybetteann.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
188.114.97.1 200 OK 113 kB
URL
caresaybetteann.pages.dev/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type ASCII text, with very long lines (59701)
First Seen 2024-04-03
Last Seen 2025-08-02
Times Seen 8085
Size 113 kB (113381 bytes)
MD5 51a8390b47aa0582cf2d9c96c5addee2
SHA1 b16a640874025d085c38119a1a02a3460f83f2de
SHA256 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: text/css; charset=utf-8
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"9643bcd9e0073506ea0bed1be3828c42"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iav9uN1aUq8EfIGvA7r43WTzYcJv2w2ZSQODkXi1E45EB0%2B%2BD4gh%2FXuKUo4Vvk4KjoE1neqJ5zTThXkQ8QExg%2FsQGcLFyAzIZqEwASUypvCUg7uiWx8Gh%2BqYa%2F8%2BlH6I94OBMhNHn7vsNE4D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b0fdb56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3142&min_rtt=1583&rtt_var=1462&sent=120&recv=31&lost=0&retrans=0&sent_bytes=105316&recv_bytes=5787&delivery_rate=3299695&cwnd=33600&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1044&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
188.114.97.1 200 OK 88 kB
URL
caresaybetteann.pages.dev/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65447)
First Seen 2023-11-03
Last Seen 2025-08-02
Times Seen 153883
Size 88 kB (87553 bytes)
MD5 826eb77e86b02ab7724fe3d0141ff87c
SHA1 79cd3587d565afe290076a8d36c31c305a573d18
SHA256 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4faaa9d1e8ac6b951abd4ab674ea9ec1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5mWg9%2BfJKx%2BiJDx4%2F4Bz2B9d2j3HKQbfbYAlM%2FWzVJFkCgH7WEIjfgEKLwCmXB%2B5WOMYbKzrmNg5nd2HrhERQAjokE7pIsF%2FE59aBClTypn45RPeEiprVvBOSV%2Fv82tmuzNjdNI15Qn9JUh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b1ff356c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3261&min_rtt=1583&rtt_var=2203&sent=91&recv=28&lost=0&retrans=0&sent_bytes=72234&recv_bytes=5642&delivery_rate=7318916&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=941&x=1", cfExtPri, cfHdrFlush;dur=0
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/all.min.js?ver=6.1.1
188.114.97.1 200 OK 1.7 MB
URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/all.min.js?ver=6.1.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65312), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-01
Times Seen 1308
Size 1.7 MB (1726697 bytes)
MD5 3eb7db313e3360b03c1bff2b39ed8210
SHA1 a66b7d1c1a2e10130ec1087ada0fdf375b759b90
SHA256 c1b79a046062699d13f8f357fe188c26f595c3166016b3010efed03189a400d3
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/js/all.min.js?ver=6.1.1 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:15 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"56d04904d30781f131a50ea39b9d9ea3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MIWQsOrKwuXQScK%2FI0fk51NDRC08ZCOCAPhwRHYj5nsi%2Bx4h%2FJ42KFG6ZIVFLQwC4m22HNDELrVgGC%2BVMETKigCUy0SNueCxtbyfTGVlls5VGHymgJfVCrfSVFjvTz%2BT1dlLsir5%2Fy%2BvdRZI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b280256c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2555&min_rtt=889&rtt_var=1338&sent=167&recv=41&lost=0&retrans=0&sent_bytes=149877&recv_bytes=7754&delivery_rate=1574780&cwnd=33600&unsent_bytes=0&cid=c58715e005e4cf5b&ts=1361&x=1", cfExtPri, cfHdrFlush;dur=0
GET nannyirrationalacquainted.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
172.240.253.132 200 OK 65 kB
URL
nannyirrationalacquainted.com/76/b1/e6/76b1e60a07741106ab551c8186791238.js
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (64945), with no line terminators
First Seen 2025-06-14
Last Seen 2025-06-15
Times Seen 3
Size 65 kB (64945 bytes)
MD5 3413d5725335d2aa215dbe4a541649b2
SHA1 d692cc99073d37c6c18aaed0af3797ee2284ea95
SHA256 0ec6cc0aeba8540a4183ccd4d4ebc03a004f1ce7b39e71cc00ed8bb3782ae20c
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /76/b1/e6/76b1e60a07741106ab551c8186791238.js HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: application/javascript
Content-Length: 23614
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 19
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e126daf7e5bd398bc177e87d3b51b6cf
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET nannyirrationalacquainted.com/watch.292559168941.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.108.84 307 Temporary Redirect 5.0 kB
URL
nannyirrationalacquainted.com/watch.292559168941.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.108.84
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 5.0 kB (4996 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 02:A2:15:3C:6C:15:16:0E:78:8F:56:09:21:EA:27:04:2D:EC:D5:E2
Validity Sun, 20 Apr 2025 00:43:48 GMT - Sat, 19 Jul 2025 00:43:47 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.292559168941.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
location: https://nannyirrationalacquainted.com/watch.292559168941.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929655&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=b457f26122798edb0f06d3eced607fbede590ca7ca6fb37e3aa12a33dbd16b3acd8e5ee5f2e3ec51b0744508f7c6700e8ebe865c2303e9e278142ecc1b27eaf9e6d85d948eab0a89482883a5b26ca55c0ecbbbc092171a0681&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
set-cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; expires=Sat, 14 Jun 2025 19:34:15 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 1
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7d77599f5915e24bd7684a1fa563f4f5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg
188.114.97.1 200 OK 1.3 kB
URL
cdn.creative-stat1.com/sb/ssp/interstitial/bottom_banner/1/img/close.svg
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2023-04-07
Last Seen 2025-08-02
Times Seen 2011
Size 1.3 kB (1279 bytes)
MD5 369850b9873659adf0951d845f57dba1
SHA1 a64257186daa33b6b318943a457b6cf8d80b26b6
SHA256 9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/interstitial/bottom_banner/1/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: image/svg+xml
content-length: 1279
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:45 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa8501-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 442753
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2rBiaaoaLSe6wIKhDmUh%2FfY1Kn6PNcvoXCas5%2FoKIAXV%2F8WIhRqZ5jQbqdTlOunUEOKIT7VRJ3x9NKX5mllxBNxMiUZ6NHGDOOIfC1AB4xyiIahw"}]}
cf-ray: 94fc422f5b7e1c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET unseenreport.com/pxf.gif?uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=76b1e60a07741106ab551c8186791238&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
192.243.59.12 200 OK 0 B
URL
unseenreport.com/pxf.gif?uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=76b1e60a07741106ab551c8186791238&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject *.unseenreport.com
Fingerprint 70:62:DC:6C:0A:F4:AA:56:4E:74:DC:EF:DA:CC:60:5A:C4:34:CE:F2
Validity Sat, 17 May 2025 22:34:21 GMT - Fri, 15 Aug 2025 22:34:20 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=76b1e60a07741106ab551c8186791238&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 14 Jun 2025 19:33:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e52b35b5906354742423f21b5cea535d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET shotgunchancecruel.com/pixel/sbs?c=1
172.240.127.234 200 OK 0 B
URL
shotgunchancecruel.com/pixel/sbs?c=1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject shotgunchancecruel.com
Fingerprint 57:F1:91:12:31:BB:80:19:FF:41:09:D0:8D:7B:40:3F:77:DF:B2:B3
Validity Sun, 20 Apr 2025 02:16:11 GMT - Sat, 19 Jul 2025 02:16:10 GMT
GET /pixel/sbs?c=1 HTTP/1.1
Host: shotgunchancecruel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:18 GMT
Content-Length: 0
Connection: keep-alive
Host: shotgunchancecruel.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET dismounttaxigloomy.com/c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js
172.240.253.132 200 OK 104 kB
URL
dismounttaxigloomy.com/c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-14
Last Seen 2025-06-14
Times Seen 1
Size 104 kB (104453 bytes)
MD5 a6669b833ee06d6bd223aba87674d0f8
SHA1 433d796d1706938a93feecc240385cf59626bd75
SHA256 0730e66a21476985722c53503369ba5587cf502370fd5a7342f9ab3522c94b5f
Certificate Info
Issuer Let's Encrypt
Subject dismounttaxigloomy.com
Fingerprint 46:C3:99:A3:AC:26:11:91:79:0C:0F:9E:C0:CC:8A:D7:80:E5:7C:12
Validity Sun, 27 Apr 2025 21:14:01 GMT - Sat, 26 Jul 2025 21:14:00 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c3/31/f5/c331f53d8cb1f5b6cb7f7b13f9d18a13.js HTTP/1.1
Host: dismounttaxigloomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:14 GMT
Content-Type: application/javascript
Content-Length: 32756
Connection: keep-alive
content-encoding: gzip
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 10
Host: dismounttaxigloomy.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e0b1b2709a08c0422ae35d8486c03fc2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/modal-accessibility.min.js?ver=2.5
188.114.97.1 200 OK 6.2 kB
URL
caresaybetteann.pages.dev/wp-content/themes/news-press-release/js/modal-accessibility.min.js?ver=2.5
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text, with very long lines (6113)
First Seen 2025-04-16
Last Seen 2025-06-28
Times Seen 4
Size 6.2 kB (6167 bytes)
MD5 a429fa220db68f1799e05ce9be4396dc
SHA1 8cc0d1a5e42a5039ef07ba66a0437c76a1119638
SHA256 f9808397fe69fde5bf4ce20b1312fc389ce5ebcdf73b3cf84af56ce6fd76a05d
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/themes/news-press-release/js/modal-accessibility.min.js?ver=2.5 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1fef1e04644d26a0ab407035ad2c5970"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FcT8oyoostyltU1GMTyvkxJmXs0nExIp%2BSulz4QRI0wlexhqkfNUo69WEz7ncEEJjnFPpFEcbEE0V4KOR8zkQjM0Obuq92%2BUWC03lCBdNPa6EvwLj9Ii49TgMLP1REOhy4RFquMJNmLBFnR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b280a56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4186&min_rtt=1583&rtt_var=3189&sent=59&recv=24&lost=0&retrans=0&sent_bytes=39997&recv_bytes=5457&delivery_rate=1103730&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=701&x=1", cfExtPri, cfHdrFlush;dur=0
GET recordedthereby.com/sfp.js
185.196.197.72 200 OK 85 kB
URL
recordedthereby.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-01-25
Last Seen 2025-06-27
Times Seen 2209
Size 85 kB (85380 bytes)
MD5 108625937affa4b38bb17cea65510d72
SHA1 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
SHA256 c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Certificate Info
Issuer Let's Encrypt
Subject recordedthereby.com
Fingerprint 43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
Validity Mon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:15 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 849a8a6165c69c15cec104ed01edb0b2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET praystakeinstinct.com/watch.715140583301.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
172.240.127.234 307 Temporary Redirect 5.0 kB
URL
praystakeinstinct.com/watch.715140583301.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606835
Size 5.0 kB (5004 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject praystakeinstinct.com
Fingerprint EB:32:11:47:9B:33:13:C9:D7:C7:F1:D3:1F:81:A6:05:E1:9D:89:CC
Validity Tue, 29 Apr 2025 22:08:44 GMT - Mon, 28 Jul 2025 22:08:43 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.715140583301.js?key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&tz=0&dev=e&res=14.3095&rb=&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1 HTTP/1.1
Host: praystakeinstinct.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
Origin: https://caresaybetteann.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sat, 14 Jun 2025 19:33:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://caresaybetteann.pages.dev
access-control-allow-origin: https://caresaybetteann.pages.dev
access-control-allow-credentials: true
location: https://praystakeinstinct.com/watch.715140583301.js?dev=e&key=47e256568502d808b0f4997433da285b&kw=%5B%22home%22%2C%22-%22%2C%22ajay%22%2C%22lorrie%22%5D&pst=1749929656&rb=&refer=https%3A%2F%2Fcaresaybetteann.pages.dev%2F&res=14.3095&rmtc=t&shu=62b9af5e9b0f359ad0d85ce498fe778a8edb978b5490bef9913ba651c928ff7947a8d40e077bf269388ba84503b17f3efa5b95c5f1917f4bc656b447d7629656338878f7c43a1f5dbd57514637662b7e1206ff6fb035fde3a6&tz=0&uuid=cbe3874f-da07-48a7-b6aa-173814e8d02f%3A1%3A1
set-cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.y9k0h-mA5XhKYqwl1GGbnU-cebjFbb3ujPAI9Do14v0; expires=Sat, 14 Jun 2025 19:34:16 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 1
Host: praystakeinstinct.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7101eaab0b2a337d462ccf77fea32d9b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.storageimagedisplay.com/si/f4/90/38/f49038f6df185b46cc6e646a1ee94772/1709778664.png
45.133.44.2 200 OK 153 kB
URL
cdn.storageimagedisplay.com/si/f4/90/38/f49038f6df185b46cc6e646a1ee94772/1709778664.png
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type PNG image data, 720 x 480, 8-bit/color RGBA, non-interlaced
First Seen 2025-05-22
Last Seen 2025-06-22
Times Seen 90
Size 153 kB (152797 bytes)
MD5 d40bfa96aea99dda66bc72a16f22c531
SHA1 8e0d56bca2496d24affaf889b701b7c80ab38ae5
SHA256 9c344984870bc844be51223e5c127bfb94cd1730c8cdd7bf2761ecd1d523f59a
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /si/f4/90/38/f49038f6df185b46cc6e646a1ee94772/1709778664.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Jun 2025 19:33:17 GMT
content-type: image/png
content-length: 152797
server: nginx/1.21.6
last-modified: Thu, 07 Mar 2024 02:31:12 GMT
etag: "65e926f0-254dd"
expires: Mon, 16 Jun 2025 19:33:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET caresaybetteann.pages.dev/wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1
188.114.97.1 200 OK 4.3 kB
URL
caresaybetteann.pages.dev/wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Requested by https://caresaybetteann.pages.dev/
Resource Info
File type JavaScript source, ASCII text
First Seen 2024-07-13
Last Seen 2025-08-01
Times Seen 363
Size 4.3 kB (4316 bytes)
MD5 c39c8ea6659fbf8cdded118913e96ea3
SHA1 f48f56843097b2a6efa40877954b8de444765111
SHA256 cff9ed2f1fc208cdb20cc7bae599161e38c10a95ab6e6801a7047f358f03b007
Certificate Info
Issuer Google Trust Services
Subject caresaybetteann.pages.dev
Fingerprint 9A:79:91:84:62:87:3C:66:6E:E4:30:AD:20:62:9A:A1:40:7E:7D:2E
Validity Fri, 16 May 2025 14:34:47 GMT - Thu, 14 Aug 2025 15:32:13 GMT
GET /wp-content/plugins/wp-meta-and-date-remover/assets/js/inspector.js?ver=1.1 HTTP/1.1
Host: caresaybetteann.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://caresaybetteann.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Jun 2025 19:33:14 GMT
content-type: application/javascript
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0cf7c94149a31844e9e0caed728f4751"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtchhPQe%2BMUx8tk%2FwTOUCjsTy66HnP5U067a3Go%2F7YFjZbdlZzIPkCsnOMu38%2F9f8O%2FqLLdYjbRjOpvoG5mKn27bNTpZ4m7FFUThQe8R8HDZHxMQm3ujHTorXEP2g0Wb4dqrLiwV%2BvaBaWPU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 94fc421b1ffd56c9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6261&min_rtt=2343&rtt_var=3273&sent=44&recv=19&lost=0&retrans=0&sent_bytes=27044&recv_bytes=5230&delivery_rate=19737&cwnd=20400&unsent_bytes=0&cid=c58715e005e4cf5b&ts=513&x=1", cfExtPri, cfHdrFlush;dur=0