rfhzvn.cfd Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://b1-tb-offers.buzz/yMGOOejF?s=7&t=wa Page URL
2. https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	yMGOOejF Show response b1-tb-offers.buzz/	3 KB 1 KB	270ms 199ms	Document text/html	2606:4700:3032::ac43:9da9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://b1-tb-offers.buzz/yMGOOejF?s=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:9da9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e225e04851ade29a67ca3f297106efa9aaad9b98119eeefd47853a7915118224 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e0faed23eb39b83-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 03 Jul 2023 14:05:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDDLX7hynOyoxlYwkNHuyRXfy%2FFgRdeVdsBFZz0Z9XKrHeL0kyfr%2BS4m92oGWac5zMhDG%2B5iwv5fMcBJSM5ezryAGfTYn3ZFnVJmeUqK2FGRucrh0fSy319FIqS6ffY9K6OsxOldWUi4I27LKX9KcA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 94 KB	88ms 22ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: b1-tb-offers.buzz URL: https://b1-tb-offers.buzz/yMGOOejF?s=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://b1-tb-offers.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 30 Jun 2023 14:17:29 GMT x-content-type-options nosniff age 258472 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95786 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Jun 2024 14:17:29 GMT
GET		jquery.min.js aisle-gove-ld3b.buzz/js/	0 0
GET		jquery.min.js aisle-gove-ld1b.buzz/js/	0 0
GET H2	200	jquery.min.js Show response rfhzvn.cfd/js/	29 B 553 B	156ms 87ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rfhzvn.cfd/js/jquery.min.js?1688393121&_=1688393121978 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e Request headers accept-language de-DE,de;q=0.9 Referer https://b1-tb-offers.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT cf-cache-status MISS last-modified Mon, 08 May 2023 14:46:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64590b53-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydm99E7GpRgmxrbD%2BGn%2BMkTvn%2Brmc2D3KpoBmTWAFO5%2Bh6tIO34hvB45bufserUZTTSlEKDaUaS9Jfi8WdcKKVuOuPPvJztALh7eRCPP7X7Kpb%2FlOUc9x1SFHJGq8liJNuXOqDYHc0W3"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 7e0faed4dc0137cc-FRA alt-svc h3=":443"; ma=86400 content-length 29 expires Tue, 04 Jul 2023 02:05:22 GMT
GET H2	200	Primary Request yMGOO96E Show response rfhzvn.cfd/	79 KB 18 KB	90ms 89ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Requested by Host: b1-tb-offers.buzz URL: https://b1-tb-offers.buzz/yMGOOejF?s=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e07e1eb47cea7362ffb399ea613147abe2c9c63ced9bb62b25603063d8207ea Request headers Referer https://b1-tb-offers.buzz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e0faed56ca137cc-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 03 Jul 2023 14:05:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orYjBlVjLnF5ZthvuC85azGElgP3zl%2BoJo9fXbiRFwY93AFNHl0VBgyy36QnOyRD%2F5MPai6kULY29vGGifXM9n35v%2F0y5F0AIYON9C4wOuJNawhrXx4LXtrTHqdJtr0w6uSEGHjfcmT5"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.1/	94 KB 94 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 30 Jun 2023 14:17:29 GMT x-content-type-options nosniff age 258473 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95786 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Jun 2024 14:17:29 GMT
GET H2	200	sweetalert2@11 Show response cdn.jsdelivr.net/npm/	66 KB 19 KB	78ms 21ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@11 Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d836e0e75cb17daeea67c0922aab0dc47b6987c5077606f3c5717d00db72247a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 03 Jul 2023 14:05:22 GMT x-content-type-options nosniff content-encoding br age 16394 x-jsd-version 11.7.12 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 19486 x-served-by cache-fra-eddf8230132-FRA x-jsd-version-type version etag W/"109b9-+rpF2xPZ/NuPuP6MI/GG7UC13uQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	293DIUA.jpg i.imgur.com/	51 KB 51 KB	67ms 23ms	Image image/jpeg	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/293DIUA.jpg Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 919d768ccd78568004c698ce3e8731db23b773deeec3a5195cbb3bebd575f4d1 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD12-P2 age 1185110 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 52185 x-served-by cache-iad-kjyo7100036-IAD, cache-fra-etou8220077-FRA last-modified Mon, 19 Jun 2023 20:53:31 GMT server cat factory 1.0 x-timer S1688393122.327388,VS0,VE1 etag "3f891bdcfa13caa1d2d0564897a69d99" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id uNPosT2A4wnLUBrJzc0jlRga5EtASgmlKz7fBDFJLxC3eIoT6dLT9Q== x-cache-hits 19, 1
GET H2	200	ettte.jpg 1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/	34 KB 35 KB	99ms 23ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-RuIA2JO0NW0/YKKccmd5SdI/AAAAAAAAB28/NihG0SeSJtkp1P9DCvM00yeYhey77iPXwCLcBGAsYHQ/s600/ettte.jpg Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 10:21:48 GMT x-content-type-options nosniff age 13414 content-disposition inline;filename="ettte.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35100 x-xss-protection 0 server fife etag "v771" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 04 Jul 2023 10:21:48 GMT
GET H2	200	WechatIMG101.jpeg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkPHVmrPTgJbR1AIql97gXDjruWaNoUA0OnwI8u9GW6dMA8mfo2B_SAyTpbAkhKGKaw2JsHTn7kKzsr1LOxya6XKsp9aZ4YK9lOvaEhvxVZx8EcRyYN8Qp1EYAMXeLokFPRQZt4WUxlKi-RnrV...	19 KB 19 KB	346ms 266ms	Image image/jpeg	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkPHVmrPTgJbR1AIql97gXDjruWaNoUA0OnwI8u9GW6dMA8mfo2B_SAyTpbAkhKGKaw2JsHTn7kKzsr1LOxya6XKsp9aZ4YK9lOvaEhvxVZx8EcRyYN8Qp1EYAMXeLokFPRQZt4WUxlKi-RnrVnlIdzMGnkqnAbrBlTLmZZW-2PNdSh5nh15e4370ohQ/s200/WechatIMG101.jpeg Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 62fc8e840163bc0625649a8702d0b12d2ca67c27cd6bfad0d6a364fbbe77f8d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT x-content-type-options nosniff server fife etag "v7f" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="WechatIMG101.jpeg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19316 x-xss-protection 0 expires Tue, 04 Jul 2023 14:05:22 GMT
GET H2	200	WechatIMG100.jpeg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPUn58QK13XCZ4yp6b5H05SQgRSVpDwRpO1RIARD5MvH1t1vIJ8Ly3uvNuZJKdPQ8kjqB8mIWvjdzFNmLA5ca7qMHULzmQqViP_b1oQ3IbvIE9q-fy1BsxpzxJ_PBwy70nuJ1w-1L0QhTzojr7...	23 KB 23 KB	386ms 307ms	Image image/jpeg	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPUn58QK13XCZ4yp6b5H05SQgRSVpDwRpO1RIARD5MvH1t1vIJ8Ly3uvNuZJKdPQ8kjqB8mIWvjdzFNmLA5ca7qMHULzmQqViP_b1oQ3IbvIE9q-fy1BsxpzxJ_PBwy70nuJ1w-1L0QhTzojr77sVdL1cV3Beg_GrV3lkvQHU3uyZnfVviriAcmNCI_g/s374/WechatIMG100.jpeg Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash b1eeeda8e1938e92fbd93a6d12f320a63d8311e3d63738a6b4d4ee7d305a3085 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT x-content-type-options nosniff server fife etag "v7f" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="WechatIMG100.jpeg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23391 x-xss-protection 0 expires Tue, 04 Jul 2023 14:05:22 GMT
GET H2	200	1679643128398.jpg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLdR_2PQqB59BLBJszfUC5NPs2Y3aiVmK9ECpdzSwTNxMSdDnUEzcyVFRn4tO0OyWI4Yue0fhU6i3g0z7CU4ECbFwxvQ0Z2lGyQjWurvMRWWgksF58WYrXRvjzKCm-sdO1QRKC131vTHwOEC_o...	145 KB 146 KB	353ms 274ms	Image image/jpeg	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLdR_2PQqB59BLBJszfUC5NPs2Y3aiVmK9ECpdzSwTNxMSdDnUEzcyVFRn4tO0OyWI4Yue0fhU6i3g0z7CU4ECbFwxvQ0Z2lGyQjWurvMRWWgksF58WYrXRvjzKCm-sdO1QRKC131vTHwOEC_oQXBu18kymC70yDuwtz9f3PVCOGTRkH3JiHyxVskh9g/s958/1679643128398.jpg Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 2dcf4c5a6cbf37978c2758e2c3e4944e173127ef14df7985c0c334eee93ca566 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT x-content-type-options nosniff server fife etag "v256e7" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="1679643128398.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 148936 x-xss-protection 0 expires Tue, 04 Jul 2023 14:05:22 GMT
GET H2	200	Whatsapp%2BDP%2BGirl%2B%252812%2529.jpg 1.bp.blogspot.com/-M9UfqNnbCLg/XjZcNnlB6sI/AAAAAAAANf4/QzxPat0qhac_W7sZu9BxzkEFYiwZPwjSgCLcBGAsYHQ/s1600/	21 KB 21 KB	120ms 47ms	Image image/jpeg	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-M9UfqNnbCLg/XjZcNnlB6sI/AAAAAAAANf4/QzxPat0qhac_W7sZu9BxzkEFYiwZPwjSgCLcBGAsYHQ/s1600/Whatsapp%2BDP%2BGirl%2B%252812%2529.jpg Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash ddd79e024592b5ecf9edac3c1bb0bb33cb1c42124af3169b634b912885f3b625 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 11:05:40 GMT x-content-type-options nosniff age 10782 content-disposition inline;filename="Whatsapp DP Girl (12).jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21272 x-xss-protection 0 server fife etag "v3623" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 04 Jul 2023 11:05:40 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1603ms 845ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?f188e79734dd20aaa8174ff4dfbfb68e Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 9df395dc62934c211200085bd3829d693cf9c660d6b3d32fde86a52f19ec2d51 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 14:05:23 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag c0a2a2ddf068c82fe4eb245e3a37a321 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11254
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1149ms 388ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?3a2f34694f3b89bec4ca29246663dda0 Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 3b09675444c0879a1209222d4bc8df9c78ebe61f3d13e75b63ec8490d1066aaa Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 14:05:23 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 82860628a5fffbd19047e2b8a9372d7c P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11254
GET H3	200	yMGOO96E Show response rfhzvn.cfd/	79 KB 18 KB	79ms 78ms	Script text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3812af87ac5dfee13cb242789b8dde9dfc6917847b72d9a85ed77f12e154e908 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/yMGOO96E?st=7&t=wa User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW4avFkJ4LjwCCUB7KGMlsHiB0Qhlg18T5Qu3j6zyWmGYnX1IqP8LrzpACmZNbPJ3xFV%2Fx6%2BgT4W40i7hbmSmthXKlyAUSsUcqA6dYgxECFnflmCz6n9%2BNfHh%2F1WM1u7DE08XAz1UlIP"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 7e0faed69ea303d8-FRA alt-svc h3=":443"; ma=86400
GET H2	404	jquery.min.js icubaz.cfd/js/	0 0	415ms 338ms	Script text/html	2606:4700:3030::6815:d4a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://icubaz.cfd/js/jquery.min.js?1688393122&_=1688393122279 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:d4a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET H2	200	jquery.min.js Show response qkslxb.cfd/js/	29 B 558 B	152ms 78ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://qkslxb.cfd/js/jquery.min.js?1688393122&_=1688393122280 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT cf-cache-status MISS last-modified Mon, 08 May 2023 14:46:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "64590b53-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq%2ByQPRWwWDSfGToNjvnSgN8wf%2FwlZY3gaXvXA%2BBmJH3apZOo9p05yC%2B72YhQmPmYpr67J2qO9Pjql%2BbgjC1Wm%2BAWxsgvnddH6yTbiyeps%2BlEFSmZJkR8K599g9c0xeYBny8v%2BNFIWwq"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 7e0faed7b880903c-FRA alt-svc h3=":443"; ma=86400 content-length 29 expires Tue, 04 Jul 2023 02:05:22 GMT
GET H2	200	jquery.min.js Show response xukhfe.cfd/js/	29 B 555 B	402ms 338ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xukhfe.cfd/js/jquery.min.js?1688393122&_=1688393122281 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT cf-cache-status MISS last-modified Wed, 10 May 2023 07:40:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "645b4a67-1d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oov02uNqfFOv8c3Aw6JIEwcWHyWO1wE9Tv%2FbH1nj1Lrvy7WPOhIodBzW%2Bd05fSDs5XzE4%2B4VFxsimmZJaOce%2FgH3ANND%2F8YazUiMdt%2FXckOjbNSLEkskk5F3pwkkezsuyY4ip%2FY3AOhy"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=43200 accept-ranges bytes cf-ray 7e0faed7a8578ffe-FRA alt-svc h3=":443"; ma=86400 content-length 29 expires Tue, 04 Jul 2023 02:05:22 GMT
GET H2	200	bootstrap.min.js Show response ajax.googleapix.com/bootstrap/libs/	1 KB 1 KB	379ms 313ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapix.com/bootstrap/libs/bootstrap.min.js?_=1688393122282 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a25c4bd3e6b542e9dfd1fa9d565b9324d9fab60b6e88afbd916d40a6d3aec7ca Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 14:05:22 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Jul 2023 14:05:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FaI3rmU%2BPEU3oA9WM2L%2BSanfOYS3o1KpolOcHwYHe6LZCT3oM70cYC6T90HI%2FR4BTEtskRrsZ5%2Frf2HsiFnHao4ir%2BxBkDXQjfFpagjlftfxzRC3SwRikHxycIQITVip%2Fxx%2Fv4NKL5r71EZ23XA9Iqu"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 7e0faed7db6a30f0-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	369ms 369ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=404591213&si=3a2f34694f3b89bec4ca29246663dda0&su=https%3A%2F%2Fb1-tb-offers.buzz%2F&v=1.3.0&lv=1&sn=14919&r=0&ww=1600&u=https%3A%2F%2Frfhzvn.cfd%2FyMGOO96E%3Fst%3D7%26t%3Dwa%231688393122938&tt=Die%20Auszahlungen%20zur%20Armutsbek%C3%A4mpfung%20haben%20begonnen Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Jul 2023 14:05:24 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	382ms 382ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=590450716&si=f188e79734dd20aaa8174ff4dfbfb68e&su=https%3A%2F%2Fb1-tb-offers.buzz%2F&v=1.3.0&lv=1&sn=14919&r=0&ww=1600&u=https%3A%2F%2Frfhzvn.cfd%2FyMGOO96E%3Fst%3D7%26t%3Dwa%231688393122938&tt=Die%20Auszahlungen%20zur%20Armutsbek%C3%A4mpfung%20haben%20begonnen Requested by Host: rfhzvn.cfd URL: https://rfhzvn.cfd/yMGOO96E?st=7&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Jul 2023 14:05:24 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 11 KB	1027ms 1027ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?6fa809bf645b77705eb42935c3b09b08 Requested by Host: b1-tb-offers.buzz URL: https://b1-tb-offers.buzz/yMGOOejF?s=7&t=wa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 15a0edfa991f8680f5480c7e5ba4098a435548bd173f3ae6d4e2bf9db7eecbaa Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 14:05:28 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 85b175660af1535b330833da7040fa8e Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11256
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	376ms 376ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1240182288&si=6fa809bf645b77705eb42935c3b09b08&su=https%3A%2F%2Fb1-tb-offers.buzz%2F&v=1.3.0&lv=1&sn=14926&r=0&ww=1600&u=https%3A%2F%2Frfhzvn.cfd%2FyMGOO96E%3Fst%3D7%26t%3Dwa%231688393122938&tt=Die%20Auszahlungen%20zur%20Armutsbek%C3%A4mpfung%20haben%20begonnen Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://rfhzvn.cfd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Jul 2023 14:05:30 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

aisle-gove-ld3b.buzz

URL

https://aisle-gove-ld3b.buzz/js/jquery.min.js?1688393121&_=1688393121976

Domain

aisle-gove-ld1b.buzz

URL

https://aisle-gove-ld1b.buzz/js/jquery.min.js?1688393121&_=1688393121977

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| set_Cookie function| get_Cookie function| $ function| jQuery object| _hmt function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| prevent function| rset_Cookie function| rget_Cookie number| st string| landingDomain string| _0xod2 object| _0xod2_ object| _0x346c function| _0x4853 object| DOMString object| objServer function| deadline function| enviar function| tip_text function| messageToSend number| counter number| counter2 number| seconds object| adsLink function| sharecount function| hh1 function| jp function| fh number| testtimeyouarefastest string| baiduid boolean| _bdhm_loaded_3a2f34694f3b89bec4ca29246663dda0 object| mini_tangram_log_epy7fd boolean| _bdhm_loaded_f188e79734dd20aaa8174ff4dfbfb68e object| mini_tangram_log_eyybt3

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.b1-tb-offers.buzz/	1970-01-20 12:59:53	Name: godomainl Value: rfhzvn.cfd
			rfhzvn.cfd/	1970-01-20 13:43:05	Name: reg Value: 1
			.rfhzvn.cfd/	1970-01-20 12:59:53	Name: godomain Value: qkslxb.cfd
			.hm.baidu.com/	1970-01-20 22:35:53	Name: HMACCOUNT_BFESS Value: 70E5AD0FFE624D5F
			.rfhzvn.cfd/	1970-01-20 21:45:29	Name: Hm_lvt_3a2f34694f3b89bec4ca29246663dda0 Value: 1688393124
			.rfhzvn.cfd/	1969-12-31 23:59:59	Name: Hm_lpvt_3a2f34694f3b89bec4ca29246663dda0 Value: 1688393124
			.rfhzvn.cfd/	1970-01-20 21:45:29	Name: Hm_lvt_f188e79734dd20aaa8174ff4dfbfb68e Value: 1688393124
			.rfhzvn.cfd/	1969-12-31 23:59:59	Name: Hm_lpvt_f188e79734dd20aaa8174ff4dfbfb68e Value: 1688393124

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://icubaz.cfd/js/jquery.min.js?1688393122&_=1688393122279 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
aisle-gove-ld1b.buzz
aisle-gove-ld3b.buzz
ajax.googleapis.com
ajax.googleapix.com
b1-tb-offers.buzz
blogger.googleusercontent.com
cdn.jsdelivr.net
hm.baidu.com
i.imgur.com
icubaz.cfd
qkslxb.cfd
rfhzvn.cfd
xukhfe.cfd
aisle-gove-ld1b.buzz
aisle-gove-ld3b.buzz
103.235.46.191
146.75.120.193
2606:4700:3030::6815:d4a
2606:4700:3032::ac43:9da9
2a00:1450:4001:809::2001
2a00:1450:4001:810::2001
2a00:1450:4001:830::200a
2a04:4e42:400::485
2a06:98c1:3120::3
2a06:98c1:3121::3
15a0edfa991f8680f5480c7e5ba4098a435548bd173f3ae6d4e2bf9db7eecbaa
2dcf4c5a6cbf37978c2758e2c3e4944e173127ef14df7985c0c334eee93ca566
3812af87ac5dfee13cb242789b8dde9dfc6917847b72d9a85ed77f12e154e908
3b09675444c0879a1209222d4bc8df9c78ebe61f3d13e75b63ec8490d1066aaa
3e07e1eb47cea7362ffb399ea613147abe2c9c63ced9bb62b25603063d8207ea
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
62fc8e840163bc0625649a8702d0b12d2ca67c27cd6bfad0d6a364fbbe77f8d8
6db87b82ec9f8123a70efd7a43fae49cfee29fa186c512e31f022615bf185395
919d768ccd78568004c698ce3e8731db23b773deeec3a5195cbb3bebd575f4d1
92b98afb1032fda85be6aaa0c0973e08e4befcf31a2dd86858005005d039114e
9df395dc62934c211200085bd3829d693cf9c660d6b3d32fde86a52f19ec2d51
a25c4bd3e6b542e9dfd1fa9d565b9324d9fab60b6e88afbd916d40a6d3aec7ca
b1eeeda8e1938e92fbd93a6d12f320a63d8311e3d63738a6b4d4ee7d305a3085
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d836e0e75cb17daeea67c0922aab0dc47b6987c5077606f3c5717d00db72247a
ddd79e024592b5ecf9edac3c1bb0bb33cb1c42124af3169b634b912885f3b625
e225e04851ade29a67ca3f297106efa9aaad9b98119eeefd47853a7915118224