Report - 1ststreams.xyz/?p=470

Report Overview

Visited public
2025-05-11 18:12:21
Tags
URL
1ststreams.xyz/?p=470
Finishing URL
1ststreams.xyz/?p=470
IP / ASN
104.21.17.29
#13335 CLOUDFLARENET
Title
1ststreams.xyz/?p=470

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sugaryif.com	unknown	2025-05-05	2025-05-11	2025-05-11	1.1 kB	44 kB	88.85.68.219
grumpyhopesucceeding.com	unknown	2024-07-18	2025-05-11	2025-05-11	454 B	611 B	172.240.108.68
1ststreams.xyz	unknown	2025-04-24	2025-05-11	2025-05-11	5.7 kB	406 kB	104.21.17.29
www.antiadblocksystems.com	201777	2020-04-18	2020-04-18	2025-05-11	468 B	38 kB	95.173.205.14
www.thadaxizu.pro	unknown	2025-04-08	2025-05-09	2025-05-09	481 B	70 kB	45.133.44.2
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-07	498 B	8.1 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-11	medium	grumpyhopesucceeding.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	1ststreams.xyz/?p=470	ScriptElement	338 B	2025-05-11	2025-05-11
Pretty URL 1ststreams.xyz/?p=470 IP 104.21.17.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-11 18:12 Last Seen2025-05-11 18:12 Times Seen1 Hash df4c2708bb13af17cb993148457a2bb6 4adf1bb1f29c6f84cafea3836fc1cc7437f72d31 0b5e6eec3ae2e0086175b7f967719f3acec982b4fc60f1403eede52600c93abd Loading...

	1ststreams.xyz/?p=470	ScriptElement	868 B	2025-05-11	2025-05-11
Pretty URL 1ststreams.xyz/?p=470 IP 104.21.17.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-11 18:12 Last Seen2025-05-11 18:12 Times Seen1 Hash 81c96581bd360d7498a3c56c4898bdac 65174b997587a77990d848b9cb0492c66e313dab 62609abca2eca46593aca753b0e8a1f68f05639ebe6718c8974d779dfb9c2cd7 Loading...

	about:blank	JavascriptURL	5 B	2023-03-07	2025-06-06
Pretty URL about:blank IP 0.0.0.0 ASN #0 Introduced by javascriptURL Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-06 16:43 Times Seen26944 Hash 68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa Loading...

	sugaryif.com/cLD.9t6ibk2P5VleSqWGQn9eNNjbMM0/MXTAYz5-NAiq0d2aMszyQAxFNcjnk/3L	ScriptElement	42 kB	2025-05-11	2025-05-11
Pretty URL sugaryif.com/cLD.9t6ibk2P5VleSqWGQn9eNNjbMM0/MXTAYz5-NAiq0d2aMszyQAxFNcjnk/3L IP 88.85.68.219 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-11 18:12 Last Seen2025-05-11 18:12 Times Seen1 Hash a56757b877fae9ce0a32ef3bf9131445 5603c774212a985aba8e063c6c774682b4c02b87 238457db5e3309d7acde3e86ea7f928e9064cd53a443df3531ebc07b348a98d9 Loading...

	www.antiadblocksystems.com/rfyCVV/phandlebars.min.js	ScriptElement	37 kB	2025-05-11	2025-05-11
Pretty URL www.antiadblocksystems.com/rfyCVV/phandlebars.min.js IP 95.173.205.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-11 18:12 Last Seen2025-05-11 18:12 Times Seen1 Hash 03b9262708b5ceeee40b02929e680cd3 8ac9edb34da1558da2051180aa960409fa64366e b1d7e5515d00440f8ec46adaa4924d8423fecfa06724902be88517aca51d2eac Loading...

HTTP Transactions (18)

URL IP Response Size

1ststreams.xyz/?p=470

104.21.17.29

200 OK

34 kB

URL User Request GET
1ststreams.xyz/?p=470
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
HTML document, ASCII text, with very long lines (8856)
Size
34 kB (33799 bytes)
Hash
34c375f888ad995a549d2346280b625d
b8ee8cfeadce70e032cec9de36c412667365319a
90d3021d5784b7c2c2fc2841750a13ba33d2d566285fdb4aadb34e173af06a4d

HTTP Headers

GET /?p=470 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:11:59 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
x-pingback: https://1ststreams.xyz/xmlrpc.php
link: <https://1ststreams.xyz/index.php?rest_route=/>; rel="https://api.w.org/", <https://1ststreams.xyz/index.php?rest_route=/wp/v2/posts/470>; rel="alternate"; title="JSON"; type="application/json", <https://1ststreams.xyz/?p=470>; rel=shortlink
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OSbp94QWc6LixIcgQkQJoVUzaqHHfn2Vw2k8hg7gO62yAcYGaHpJQ1KPwquT2JAh4%2FvkUuESKRx0ozL7927uko4RsV87wnlv%2FLzcrbZZMM1TS8IowMEeSpVf6BqSbCXk4g%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a4564b1d7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-content/themes/newspaperly/js/script.js?ver=20160720

104.21.17.29

200 OK

3.9 kB

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/js/script.js?ver=20160720
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.9 kB (3858 bytes)
Hash
61caf6e2f693a88ed96e1b413b90bb41
804f26a285cbf49c2aab613ddd5ed1c3889f9c20
affd9edd5dc26a271a81e36bade23368d81e7c628a7bb39901ec92376d296705

HTTP Headers

GET /wp-content/themes/newspaperly/js/script.js?ver=20160720 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 06 May 2025 14:35:39 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dq%2B15vzOCO3g%2F5M2FNwsMsgUKmWcgmzLpzacOibT0mMEy7iJCbqW4s%2FK%2FYAFIWGfwl%2FoGmHDezZoC4hyQBQJxV1cbWSwtRki0jJ5zTb1wiAA5v8LIhNhrim4G3DQ5H6VFQ%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 93e3a45b4bd57128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-content/themes/newspaperly/js/accessibility.js?ver=20160720

104.21.17.29

200 OK

1.2 kB

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/js/accessibility.js?ver=20160720
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
JavaScript source, ASCII text
Size
1.2 kB (1227 bytes)
Hash
939a91c88e6489b5280aef04d84f7316
dd2ef96b41e865ae0637a3506904c07a0826a871
3607065629dc85c928677d972f541e82f7da6aa6d645f3e8e90fd1f1dfaa53b8

HTTP Headers

GET /wp-content/themes/newspaperly/js/accessibility.js?ver=20160720 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 06 May 2025 14:35:39 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1F%2F0apvmxkj8r0IbjQ7HO76nvOrdnaw9I516w9MB2XNDv8fkG6JyKaPVYWTK8kzDFqWY7xLKyEIGTEbTT3yTaDpN%2FrwDcn4Z%2Ba5t8HOaObwdAsP1kaiVmq5cB9YpPOdOGg%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45b4bf17128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1

104.21.17.29

200 OK

116 kB

URL GET
1ststreams.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.8.1
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
ASCII text, with very long lines (55654)
Size
116 kB (116363 bytes)
Hash
dfe67cbbac3da53fdbbaed71c91db428
8c82643ef63a8389c1b800b7c5d0af9d684b8b24
597ddfdee7171750c16ec5aafd392cf992e9c53386d6bb6061d48e30334f09e9

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.8.1 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:11:59 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 25 Mar 2025 12:48:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zi23%2BoraZ0E5r3un5Hvh%2FnaFI%2BjnhVP%2FMDklhbz0b1yPTLEWMe9EoqqlF339knDzQuN7ypGj800ZaeYhhD4kL4wg3BHTZm4mUbL8Ob49YHardwzHHvOnivTnxy%2B%2BTsvLgA%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45aeb397128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.17.29

200 OK

88 kB

URL GET
1ststreams.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:11:59 GMT
content-type: text/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Mon, 28 Aug 2023 17:14:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=IDEDFKOyeF3qEN4zmtpaTq%2BhBQLFj4OC308tRexAHAwXmbR%2B2G%2BngMdRQyf0e3nfWzW5fLYPnAZSYgAMiEC%2FFmH9InXUb4aQ4Rzn3au6DwsWEHmYkC%2BdxJ2lxPDMtlinVQ%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45b2b9c7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423

104.21.17.29

200 OK

55 kB

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
55 kB (54630 bytes)
Hash
d164ed31a1f030cca772428fbc4a353b
f6791145eb6527492ffe8d147b12571a88a26b76
9f9b8303b4fdf50f85f63fb85b80e9be5d88f6de1e7440bf03380cb9d717ce4a

HTTP Headers

GET /wp-content/themes/newspaperly/js/jquery.flexslider.js?ver=20150423 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 06 May 2025 14:35:39 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=G1ZtXU7SM0R5kzwOTWkKFdLNk33x1bflEQYEnG%2F2M6LuAAucW4%2FAichHySmPwrxK33KOHlYEtgXllh0o3opamaww4aL0uD9IkT%2F20Qj9995kAwBGl3Ko5BOMeRBrPa8%2BTg%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45b4bd27128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.antiadblocksystems.com/rfyCVV/phandlebars.min.js

95.173.205.14

200 OK

37 kB

URL GET
www.antiadblocksystems.com/rfyCVV/phandlebars.min.js
IP
95.173.205.14:443
ASN
#60068 Datacamp Limited

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerLet's Encrypt
Subject1431218181.rsc.cdn77.org
Fingerprint4B:43:4E:B5:B5:BA:2E:82:19:24:8B:92:64:26:1A:32:35:74:80:1B
ValidityWed, 16 Apr 2025 04:51:43 GMT - Tue, 15 Jul 2025 04:51:42 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37188 bytes)
Hash
03b9262708b5ceeee40b02929e680cd3
8ac9edb34da1558da2051180aa960409fa64366e
b1d7e5515d00440f8ec46adaa4924d8423fecfa06724902be88517aca51d2eac

HTTP Headers

GET /rfyCVV/phandlebars.min.js HTTP/1.1
Host: www.antiadblocksystems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1ststreams.xyz
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: application/x-javascript
popads-node: wb4
expires: Fri, 16 May 2025 19:18:13 GMT
access-control-allow-origin: https://1ststreams.xyz
link: <https://antiadblocksystems.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwgBX63NDQGBDAG5TAoMAfdbkwIADAGckiEfAbcgAAAA
x-77-nzt-ray: 2a494a15b7758c3894e820684889913b
x-77-cache: HIT
x-77-age: 168795
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

www.thadaxizu.pro/ecc874/e04e718753fa.js

45.133.44.2

200 OK

70 kB

URL GET
www.thadaxizu.pro/ecc874/e04e718753fa.js
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerLet's Encrypt
Subjectwww.thadaxizu.pro
Fingerprint80:50:90:33:56:ED:80:53:BF:5B:C4:F8:E9:3A:1A:E9:AC:BD:2E:C0
ValidityThu, 08 May 2025 07:09:01 GMT - Wed, 06 Aug 2025 07:09:00 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
70 kB (69997 bytes)
Hash
b835445a252ecbcaf8217556a6363640
8d1836edd6a3bc2e963c97fd83d82bd235eaf691
6e828b4b4e10e2482ca29b77335856674c6d78f4a841767fd75f66b1416b5808

HTTP Headers

GET /ecc874/e04e718753fa.js HTTP/1.1
Host: www.thadaxizu.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://1ststreams.xyz
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: application/javascript; charset=utf-8
server: nginx
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
cache-control: max-age=172800
content-encoding: gzip
expires: Tue, 13 May 2025 18:12:00 GMT
x-cdn-host-id: ah0543
x-proxy-cache: HIT
X-Firefox-Spdy: h2

1ststreams.xyz/wp-content/themes/newspaperly/style.css?ver=6.8.1

104.21.17.29

200 OK

49 kB

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/style.css?ver=6.8.1
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
ASCII text, with very long lines (1694)
Size
49 kB (49429 bytes)
Hash
996f1baec316d292be6fd3e770ed5d05
f10387f3566c49e52c3b5658d72bbed09cfb322f
1cdeec3c09765614cb41103a6a816966d5fb67d80e13c1ee36ae83fb08e3d3d6

HTTP Headers

GET /wp-content/themes/newspaperly/style.css?ver=6.8.1 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:11:59 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 06 May 2025 14:35:39 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yD%2FqMgMbUU%2BEF1SWWvZ%2FK%2FY6VAqK2vGAtUKdf0BDrOeatRdjgf6%2Fn5lyMbUiESv4qx5U3TshkcgHb6NvSnefUz7gORaZMIBPNgB%2BbGsys4jG2WUrJ4ybuAYNjYAL8Jxouw%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45b0b6d7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-content/themes/newspaperly/css/font-awesome.min.css?ver=6.8.1

104.21.17.29

200 OK

31 kB

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/css/font-awesome.min.css?ver=6.8.1
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /wp-content/themes/newspaperly/css/font-awesome.min.css?ver=6.8.1 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:11:59 GMT
content-type: text/css
server: cloudflare
last-modified: Tue, 06 May 2025 14:35:39 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vQJOwktInDxnUh59dTvzjeyUUTJlUCEn46FEJCFjwLIXK6ggrCZEv3%2BKYSBK0LHW5HtHuBjsB%2B3kH1M5PjVxvgrdOFf1tCLM5Sy8UnY4Yx6NlzeoS0xufp20ZoWV%2Blj7nw%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 93e3a45aeb407128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.8.1

142.250.74.10

200 OK

7.4 kB

URL GET
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.8.1
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
7.4 kB (7392 bytes)
Hash
cdced9b05b1b31aa78f77d35f48b4242
b0a82f24b48d18793daeab07e78236e64bebb9e4
1a8835f34fa015500488385bd6ff7786127780400ab55227a2e4aaff06e7ae3e

HTTP Headers

GET /css?family=Lato%3A300%2C400%2C700%2C900%7CMerriweather%3A400%2C700&ver=6.8.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 11 May 2025 18:12:00 GMT
date: Sun, 11 May 2025 18:12:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1ststreams.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.21.17.29

200 OK

14 kB

URL GET
1ststreams.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ejuSuyhJOAhu4uO0i1i9EWXNeJhYZoNFI5MW6%2BtZBUbGqFqrCaD3XA%2FQYuJQ8lBSw7DbO1b2F6lF2pIQmH00WleRbv0mtjQpU4cwrCbxoUejt8fG%2BfLEIJWJ5rROtiMGIg%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45b3bb37128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

1ststreams.xyz/wp-content/themes/newspaperly/js/navigation.js?ver=20170823

104.21.17.29

200 OK

3.0 kB

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/js/navigation.js?ver=20170823
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
ASCII text
Size
3.0 kB (2967 bytes)
Hash
49493316c090bb3d7cca5bc09031037c
b77b6525d82691c3d4ca05948e846500ea0cb1d3
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

HTTP Headers

GET /wp-content/themes/newspaperly/js/navigation.js?ver=20170823 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
last-modified: Tue, 06 May 2025 14:35:39 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UZchHGyl0VNjLDPF0Ofd7YlgZLPt69Al6xjnhu5ZTZP3K9GYwP7aVqrugrOpNFkEEzh3IrB2t1h8L82weAhmbTTHONXpnn%2BJ8tUr1VP3HtaKA4VsniIL9YCJIEwSe2QX3g%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 93e3a45b3bb77128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sugaryif.com/cLD.9t6ibk2P5VleSqWGQn9eNNjbMM0/MXTAYz5-NAiq0d2aMszyQAxFNcjnk/3L

88.85.68.219

200 OK

42 kB

URL GET
sugaryif.com/cLD.9t6ibk2P5VleSqWGQn9eNNjbMM0/MXTAYz5-NAiq0d2aMszyQAxFNcjnk/3L
IP
88.85.68.219:443
ASN
#35415 Webzilla B.V.

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerLet's Encrypt
Subjectsugaryif.com
Fingerprint63:FD:61:1B:D3:A5:AF:A9:68:54:0B:44:B0:85:74:DB:49:30:03:FD
ValidityMon, 05 May 2025 13:04:24 GMT - Sun, 03 Aug 2025 13:04:23 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (22055)
Size
42 kB (42225 bytes)
Hash
a56757b877fae9ce0a32ef3bf9131445
5603c774212a985aba8e063c6c774682b4c02b87
238457db5e3309d7acde3e86ea7f928e9064cd53a443df3531ebc07b348a98d9

HTTP Headers

GET /cLD.9t6ibk2P5VleSqWGQn9eNNjbMM0/MXTAYz5-NAiq0d2aMszyQAxFNcjnk/3L HTTP/1.1
Host: sugaryif.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 11 May 2025 18:12:00 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
last-modified: Sun, 11 May 2025 18:12:00 GMT
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE3NDY5ODE0OTIsInpvbmVzIjp7IjYyMzE4MTYiOls2MjMxODE2LDEsMTc0Njk4MTQ5Ml0sIjYyMzM4MzMiOls2MjMzODMzLDEsMTc0Njk4NzAwMF0sIjYyMzM4NDIiOls2MjMzODQyLDEsMTc0Njk4MTQ5Ml0sIjYzNDE2OTYiOls2MzQxNjk2LDEsMTc0Njk4NzEyMF19fQ==; max-age=1778523120; path=/
uniqCookie=dffea7382b69c80d84628d8f36e4e84e; max-age=1749579120; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

1ststreams.xyz/wp-includes/js/comment-reply.min.js?ver=6.8.1

104.21.17.29

200 OK

3.0 kB

URL GET
1ststreams.xyz/wp-includes/js/comment-reply.min.js?ver=6.8.1
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
ASCII text, with very long lines (2991)
Size
3.0 kB (3026 bytes)
Hash
e4a49df71f8b98c1d9f9d8fce74d89e8
b95fcda0c8c26305ad94e80343d0cfca8a048a10
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.8.1 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
last-modified: Thu, 06 Feb 2025 17:27:26 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OKXtlBBeCSf9NMtBPHnPN%2F3NU5GM3Qjvwavw0BkvPJnta%2BR5nEGOHvLbU7BzcLq93NDkWxQ15zdcSLkkB3YMV98lGWlWuPwwPVf383H6YtRg50GHxb7TUbrXqjD7fQxUDA%3D%3D"}]}
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 93e3a45b5bfd7128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sugaryif.com/YL2.xMpNZOW_5Q0RZSGTF-0VYWTX9Yy_camblckdP-TfIg3hNiz_NkilOmDnN-lpZqmrUsz_ZujvEw5xO-TzQAxBNCj_cE4FNGDHM-5JMKzLNMi_MOWPEQwRY-jTkU5V

88.85.68.219

200 OK

0 B

URL POST
sugaryif.com/YL2.xMpNZOW_5Q0RZSGTF-0VYWTX9Yy_camblckdP-TfIg3hNiz_NkilOmDnN-lpZqmrUsz_ZujvEw5xO-TzQAxBNCj_cE4FNGDHM-5JMKzLNMi_MOWPEQwRY-jTkU5V
IP
88.85.68.219:443
ASN
#35415 Webzilla B.V.

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerLet's Encrypt
Subjectsugaryif.com
Fingerprint63:FD:61:1B:D3:A5:AF:A9:68:54:0B:44:B0:85:74:DB:49:30:03:FD
ValidityMon, 05 May 2025 13:04:24 GMT - Sun, 03 Aug 2025 13:04:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /YL2.xMpNZOW_5Q0RZSGTF-0VYWTX9Yy_camblckdP-TfIg3hNiz_NkilOmDnN-lpZqmrUsz_ZujvEw5xO-TzQAxBNCj_cE4FNGDHM-5JMKzLNMi_MOWPEQwRY-jTkU5V HTTP/1.1
Host: sugaryif.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 54
Origin: https://1ststreams.xyz
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 11 May 2025 18:12:00 GMT
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
x-content-type-options: nosniff
X-Firefox-Spdy: h2

grumpyhopesucceeding.com/4d45427c6b7b3f9d91d25748f98bb0cc/invoke.js

172.240.108.68

403 Forbidden

0 B

URL GET
grumpyhopesucceeding.com/4d45427c6b7b3f9d91d25748f98bb0cc/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerLet's Encrypt
Subjectgrumpyhopesucceeding.com
FingerprintED:82:10:98:8C:D6:8A:83:E8:D8:BE:07:73:85:5B:35:86:13:34:9B
ValiditySun, 16 Mar 2025 21:59:37 GMT - Sat, 14 Jun 2025 21:59:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4d45427c6b7b3f9d91d25748f98bb0cc/invoke.js HTTP/1.1
Host: grumpyhopesucceeding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Sun, 11 May 2025 18:12:00 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 6
Host: grumpyhopesucceeding.com

1ststreams.xyz/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823

104.21.17.29

200 OK

685 B

URL GET
1ststreams.xyz/wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823
IP
104.21.17.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1ststreams.xyz/?p=470
Certificate
IssuerGoogle Trust Services
Subject1ststreams.xyz
Fingerprint94:CC:7E:92:92:9E:46:B5:A7:09:5D:F5:DB:CE:26:B8:19:FC:E2:88
ValidityThu, 24 Apr 2025 13:05:18 GMT - Wed, 23 Jul 2025 14:02:41 GMT

File type
ASCII text
Size
685 B (685 bytes)
Hash
93d421fd7576b0ca9c359ffe2fa16113
eacce35258f14fcd79bea2bc23f4140d25874322
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

HTTP Headers

GET /wp-content/themes/newspaperly/js/skip-link-focus-fix.js?ver=20170823 HTTP/1.1
Host: 1ststreams.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1ststreams.xyz/?p=470
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 11 May 2025 18:12:00 GMT
content-type: text/javascript
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 06 May 2025 14:35:39 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ID8RfGopls%2FJpKfdYhfvfpGydthxnTEcH02Uvb7%2F0xVhbnXYVwN8bFfmdlmnIUVA6MozTadysNG%2FfKkFhTk3Mrjw%2BtkualgDX%2BvCzLvofN9NFlA95k9TXh%2BelbR3BQ0tdw%3D%3D"}]}
content-encoding: br
cf-ray: 93e3a45b3bd17128-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type