| melodic-splashy-freckle.glitch.me/ | 18.235.65.101 | | 1.3 kB |
URL: melodic-splashy-freckle.glitch.me/
IP: 18.235.65.101:0
File type: HTML document, ASCII text
Hash: b5bc707d03576424b46820c0fa1f8612 76448d8d80744a41ba2d632decfdae6037d484f5 4a8bda0fbf5dcce82f6edb89d91c450aed837c8059f153282f3c89502f0e8c57
GET / HTTP/1.1
Host: melodic-splashy-freckle.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:55:02 GMT
content-type: text/html; charset=utf-8
content-length: 1332
x-amz-id-2: lQ/EG+4xh3rKMxPfR7DzRpKVMm4eOd9mEfGYRC5cH8HHtmKm7Hrb0oF26pGX6E5Lj+LAPI3Pl84=
x-amz-request-id: P0Q7VH4HEKZ65PW7
last-modified: Wed, 24 Apr 2024 02:27:43 GMT
etag: "b5bc707d03576424b46820c0fa1f8612"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: I9dVm1pK120tHitFOK6x4N_DN5cknJU8
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2
|
|
| melodic-splashy-freckle.glitch.me/favicon.ico | 18.235.65.101 | | 3.7 kB |
URL: melodic-splashy-freckle.glitch.me/favicon.ico
IP: 18.235.65.101:0
File type: HTML document, ASCII text
Hash: ce0366d3c0ef2d5187efc621c5e7fb00 83f60d035e88968d24178360639a8ad6cc08dc26 2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c
GET /favicon.ico HTTP/1.1
Host: melodic-splashy-freckle.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://melodic-splashy-freckle.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Wed, 24 Apr 2024 06:55:02 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2
|
|
| lknfjahjshjhd.net/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.96.1 | 302 Found | 0 B |
URL: GET HTTP/3 lknfjahjshjhd.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP: 188.114.96.1:443
Requested by: https://lknfjahjshjhd.net/yasonda93883/w.html#google@google.com
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 24 Apr 2024 06:55:02 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICIaV41BJHMxKdDhNsEeEHufx9s72hnQ%2B9UFOmZs2yPL3L%2FG%2Fqz7%2BUbPITRRHEpLBtaRa%2Fasv811sAGO2KYUALgcorUY5wv1ePwoM2l1%2F8C7rZuwMgKkwUgtwsPLUtNdtFXRSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87942f7a487e0b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lknfjahjshjhd.net/yasonda93883/w.html | 188.114.96.1 | | 0 B |
URL: lknfjahjshjhd.net/yasonda93883/w.html
IP: 188.114.96.1:0
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /yasonda93883/w.html HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
fEPalBhvZlvVeTbCySEw32hmBTE: 43282447
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp:
X-Requested-TimeStamp-Expire:
X-Requested-TimeStamp-Combination:
X-Requested-Type: GET
X-Requested-Type-Combination: GET
EU5Fi9G-sOqQEB8oAmvVZKqQ: 74yzq1BpdZxleELdYgjhKkHXZIk
Content-type: application/x-www-form-urlencoded
Content-Length: 22
Origin: https://lknfjahjshjhd.net
DNT: 1
Connection: keep-alive
Referer: https://lknfjahjshjhd.net/yasonda93883/w.html
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 24 Apr 2024 06:55:02 GMT
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
set-cookie: 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; path=/; expires=Thu, 25-Apr-24 06:55:02 GMT; Max-Age=86400;
13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; path=/; expires=Thu, 25-Apr-24 06:55:02 GMT; Max-Age=86400;
ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; path=/; expires=Thu, 25-Apr-24 06:55:02 GMT; Max-Age=86400;
7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; path=/; expires=Thu, 25-Apr-24 06:55:02 GMT; Max-Age=86400;
9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; path=/; expires=Thu, 25-Apr-24 06:55:02 GMT; Max-Age=86400;
x-frame-options: SAMEORIGIN
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciZy0k%2BKQ3qEbd50rPR2UVSZmsqh9%2BsUhaQJHnr0kqC3J8c96d%2BoW2SuHDvhWRkaHUi1FsPpP6GrvoK8j7icgHOwnaJmQ6Zk%2FHxkA%2FdFfC82SkY3cSySR32mTfxcXFSEmCWtdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942f7a38780b02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lknfjahjshjhd.net/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.96.1 | 302 Found | 0 B |
URL: GET HTTP/3 lknfjahjshjhd.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP: 188.114.96.1:443
Requested by: https://lknfjahjshjhd.net/yasonda93883/w.html#google@google.com
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU; 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; 13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; 7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; 9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; 0GLeU8OftatpALL5I2tJE-OGy0c=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; uI-TCG88uToRFqgHeij0suPAGwM=1713941701; -jHIcnTmqpJT6nfe9BibSSvisL0=1714028101; pgKmnf7qZlxFRCXQcLcDox9VkeQ=0BqkjqCSDUug5GC7k4-KhyRBbtQ; YS-i2ezew0D86nFiDxhlcigK9ek=3YpvXIkpttO3YJXpjkd_7srJ1Eg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 06:55:03 GMT
content-length: 0
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkhdpigKvq85BGeiREtqxUTcniYRmagyzn5xjWdDQNqB8UcWja3Ylfwdq2bDBY9PA3G1p3CYDiehYJrYnfQHO4%2BfvGXosa3kYk4Io2SHlrjb7t5500THP7Gr03yBPoYKN%2FS9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87942f7c4d6256bf-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lknfjahjshjhd.net/cdn-cgi/challenge-platform/h/b/jsd/r/87942f7b4c9a56bf | 188.114.96.1 | 200 OK | 0 B |
URL: POST HTTP/3 lknfjahjshjhd.net/cdn-cgi/challenge-platform/h/b/jsd/r/87942f7b4c9a56bf
IP: 188.114.96.1:443
Requested by: https://lknfjahjshjhd.net/yasonda93883/w.html#google@google.com
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /cdn-cgi/challenge-platform/h/b/jsd/r/87942f7b4c9a56bf HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12206
Origin: https://lknfjahjshjhd.net
DNT: 1
Connection: keep-alive
Referer: https://lknfjahjshjhd.net/yasonda93883/w.html
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU; 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; 13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; 7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; 9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; 0GLeU8OftatpALL5I2tJE-OGy0c=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; uI-TCG88uToRFqgHeij0suPAGwM=1713941701; -jHIcnTmqpJT6nfe9BibSSvisL0=1714028101; pgKmnf7qZlxFRCXQcLcDox9VkeQ=0BqkjqCSDUug5GC7k4-KhyRBbtQ; YS-i2ezew0D86nFiDxhlcigK9ek=3YpvXIkpttO3YJXpjkd_7srJ1Eg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:55:03 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=vfX25sOj5jpZvgOHveXHvEHysdrLtWbOpPYHu5Wy4.w-1713941703-1.0.1.1-HpXuvWXv7bAxiELAUFsQa03m.hNHPrSvyoYzJrUBYqwJ3QBM082_D7P8xX2Iu0xlHk6iSO3Vw0oG7Q73xZPLVw; path=/; expires=Thu, 24-Apr-25 06:55:03 GMT; domain=.lknfjahjshjhd.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BvOrxr589L0kQQHU%2FBn%2FhXlJgKMfln7fAQnyKjmSs2aK76ALU2Glynuk5gzVRd%2BpA2akbhLAcqj5dwEAx9tc9EJGMGG12OCbvJZkFvhQLMFDzA1YZJm4bXL9gcGuUSBRk1fpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942f7d6eb956bf-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lknfjahjshjhd.net/yasonda93883/w.html | 188.114.96.1 | | 1.1 kB |
URL: lknfjahjshjhd.net/yasonda93883/w.html
IP: 188.114.96.1:0
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
File type: HTML document, ASCII text, with very long lines (1125), with CRLF line terminators
Hash: c6a6103e6f93f209865c8deb40485899 4add9ac8a8d020656c4218fba11d04cdb885bae6 67e513d572418dcc7c06e3fe71f7f9d0b0e4cd5d661b7a552a2f47cf7f4947c6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /yasonda93883/w.html HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melodic-splashy-freckle.glitch.me/
DNT: 1
Connection: keep-alive
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU; 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; 13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; 7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; 9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; 0GLeU8OftatpALL5I2tJE-OGy0c=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; uI-TCG88uToRFqgHeij0suPAGwM=1713941701; -jHIcnTmqpJT6nfe9BibSSvisL0=1714028101; pgKmnf7qZlxFRCXQcLcDox9VkeQ=0BqkjqCSDUug5GC7k4-KhyRBbtQ; YS-i2ezew0D86nFiDxhlcigK9ek=3YpvXIkpttO3YJXpjkd_7srJ1Eg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 06:55:03 GMT
content-type: text/html
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FI7JYJRh3wqBF9Aj0nFqH0MUYnOMoLTk5QaZqqtkxT6bvrpBFCLKR7wki3nN5Aardp7MpCgESERK%2B9o3m3jJ2OkEpvhIrrK21NdWQLbOrDxd1IIP8K71dye5KbGdkJVpU1rSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942f7b4c9a56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lknfjahjshjhd.net/favicon.ico | 188.114.96.1 | 403 Forbidden | 146 B |
URL: GET HTTP/3 lknfjahjshjhd.net/favicon.ico
IP: 188.114.96.1:443
Requested by: https://lknfjahjshjhd.net/yasonda93883/w.html#google@google.com
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: bcfacc6f2d2ee7cd5e014be08612f93e 7bb6f49a83b5186d5f8598e852bfbeee102d8a4d ef1a3d1af87d9d441ef37f001f2ffb6900ef0a7a4884a5ef165bc2b09e224b38
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lknfjahjshjhd.net/yasonda93883/w.html
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU; 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; 13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; 7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; 9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; 0GLeU8OftatpALL5I2tJE-OGy0c=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; uI-TCG88uToRFqgHeij0suPAGwM=1713941701; -jHIcnTmqpJT6nfe9BibSSvisL0=1714028101; pgKmnf7qZlxFRCXQcLcDox9VkeQ=0BqkjqCSDUug5GC7k4-KhyRBbtQ; YS-i2ezew0D86nFiDxhlcigK9ek=3YpvXIkpttO3YJXpjkd_7srJ1Eg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 06:55:03 GMT
content-type: text/html
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
pragma: public
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vMpkKz5CWxo0fVaM1M%2BX5%2BJ%2Fb4drRCK9wJBQ%2BHU8yBxuRfpHpaTbdkvEqRckNcPObHPUi91G0QMjxXifrKFaNyLpWm6PBAmAjuXFUNdn8qWIWMV8W%2Fj4tkTXw5pDG2JYtYdZYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87942f7c3d5a56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lknfjahjshjhd.net/yasonda93883/w.html | 188.114.96.1 | 403 Forbidden | 1.3 kB |
URL: User Request GET HTTP/3 lknfjahjshjhd.net/yasonda93883/w.html
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
File type: HTML document, ASCII text, with very long lines (1280), with no line terminators
Hash: 474cba443727ee0aaa345461f24fb5f8 3443effcd2b52c1b24eefc2e7a2423aad3f6edc3 b6e49160558bc7df4363a94ed342362cd86518dc94438306f3e2bc184b25260b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /yasonda93883/w.html HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://melodic-splashy-freckle.glitch.me/
DNT: 1
Connection: keep-alive
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU; 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; 13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; 7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; 9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; 0GLeU8OftatpALL5I2tJE-OGy0c=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; uI-TCG88uToRFqgHeij0suPAGwM=1713941701; -jHIcnTmqpJT6nfe9BibSSvisL0=1714028101; pgKmnf7qZlxFRCXQcLcDox9VkeQ=0BqkjqCSDUug5GC7k4-KhyRBbtQ; YS-i2ezew0D86nFiDxhlcigK9ek=3YpvXIkpttO3YJXpjkd_7srJ1Eg
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Wed, 24 Apr 2024 06:55:03 GMT
content-type: text/html
x-content-type-options: nosniff, nosniff
x-xss-protection: 1; mode=block, 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2FI7JYJRh3wqBF9Aj0nFqH0MUYnOMoLTk5QaZqqtkxT6bvrpBFCLKR7wki3nN5Aardp7MpCgESERK%2B9o3m3jJ2OkEpvhIrrK21NdWQLbOrDxd1IIP8K71dye5KbGdkJVpU1rSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942f7b4c9a56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lknfjahjshjhd.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js | 188.114.96.1 | 200 OK | 7.8 kB |
URL: GET HTTP/3 lknfjahjshjhd.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP: 188.114.96.1:443
Requested by: https://lknfjahjshjhd.net/yasonda93883/w.html#google@google.com
Certificate: Issuer: Google Trust Services LLC; Subject: lknfjahjshjhd.net; Fingerprint: 3D:35:E5:10:CD:61:53:E6:57:43:F4:FC:3D:AF:B1:3A:65:D9:39:53; Validity: Tue, 23 Apr 2024 12:18:49 GMT - Mon, 22 Jul 2024 12:18:48 GMT
File type: JavaScript source, ASCII text, with very long lines (7828), with no line terminators
Hash: e5118843e2bce9f25d4ef28eaea8ab2a 225c5fa33841c2f8324895e51dc15135ed44a0be 76724d8a7fd93fb3a460517c620f9f63db433638b1dcdca0b16ab47fe5393bf6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: lknfjahjshjhd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: C2hEBTDX1Os1H4NpJoEg8ZBXIUQ=IlqxZFB0f-X8GveNq_pTIK3SK74; gWgMsxuUY1R9x7L1YoxsqzL_QFU=1713941671; 49ehPVBhik9mwJvew7KkeuuWdg8=1714028071; zqMUwvcNCGjKwly0WLcSaJxAX5g=tOc42CfHLWcVFYrrSJzBDDuRTjs; p9P-kWOLXragU-fx7Cz7vbFz7kk=lkLPZiL_UVgRTxwDers97UXe5XU; 1x3Lop6fqmPO7cYUM6RVVOCyoVU=xGvcNAUiktZj2YWAIWEVXrdZ9fc; 13nnvh6FGCunCXsVU_AoQz7-m4o=1713941702; ZGL7A6ZVyMm2RdLtKcZgakAAfN8=1714028102; 7d2d_7XcIKMDJEH1m8mEtPGMQKo=738TBseHr8M9mZUqDD6OP2VuQx8; 9Oq5puCaQZQjsMNsOcVpZmjVS98=RSLbUAbgvedFBMUVPAapjSAsY5w; 0GLeU8OftatpALL5I2tJE-OGy0c=RlMmlDqDAXMD2-sDZQQTD_9Mt2w; uI-TCG88uToRFqgHeij0suPAGwM=1713941701; -jHIcnTmqpJT6nfe9BibSSvisL0=1714028101; pgKmnf7qZlxFRCXQcLcDox9VkeQ=0BqkjqCSDUug5GC7k4-KhyRBbtQ; YS-i2ezew0D86nFiDxhlcigK9ek=3YpvXIkpttO3YJXpjkd_7srJ1Eg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:55:03 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGZYLeZIjSQqhrmL2QrBWw%2BMLLeBfLQ4mreyHEhhZQLD2Br1a4JzwV8dw3Dk3dnH%2BEkNhk1z8PZEV81v5SuUnRf1QkKly7446yOx2qoXifdLyN1p7XsNjXmnfPSYfqUpIqpvYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942f7c6d9356bf-OSL
alt-svc: h3=":443"; ma=86400
|
|