Report - discoverylands.com

Report Overview

Submitted URL
discoverylands.com
IP
172.67.198.10
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-07 15:02:37
Access
public
Website Title
Rust Gifts
Final URL
discoverylands.com/#case
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
discoverylands.com	unknown	2021-03-08	2021-03-13	2024-03-23	4.4 kB	351 kB	104.21.68.192
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	434 B	29 kB	104.17.25.14
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-07	415 B	114 kB	151.101.2.137
i.imgur.com	5110	2009-01-09	2012-05-21	2024-05-06	2.6 kB	224 kB	151.101.236.193

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed
2024-05-07	medium	discoverylands.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-19 16:02:58 Times Seen99068 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.11.3/jquery-ui.js	470 kB	2023-03-07	2024-05-19
Pretty URL code.jquery.com/ui/1.11.3/jquery-ui.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:14 Last Seen2024-05-19 06:48:02 Times Seen2945 Hash c811575fd210af968e09caa681917b9b 0bf0ff43044448711b33453388c3a24d99e6cc9c d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e Loading...

	discoverylands.com/	18 kB	2023-03-11	2024-05-07
Pretty URL discoverylands.com/ IP 104.21.68.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 21:16:00 Last Seen2024-05-07 17:02:39 Times Seen4 Hash b66e778fe479fdba46f021857658077b d091220083ffda7cf4081bafd34f30249cfb4524 24a5d4b6a01fd8bb39986a6220bb793e299b2f91ebe7ba8d40201ef71cb506f3 Loading...

	discoverylands.com/7eca4217ccf5b46f791eb3f61dc95c59ccd9a040de63/e2510f0789ec34d466ca2c93b80912dd50f62347185c.js	104 kB	2023-07-09	2024-05-18
Pretty URL discoverylands.com/7eca4217ccf5b46f791eb3f61dc95c59ccd9a040de63/e2510f0789ec34d466ca2c93b80912dd50f62347185c.js IP 104.21.68.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 06:59:05 Last Seen2024-05-18 23:12:19 Times Seen165 Hash 074203926eb9a662dd886fab202b0ac6 2d11274820e52fadab57682eb68cb9501cd3bc8a 96e810bc7bf4ca303106a6904bd513aa89eb7e83bd2c66ba4ea9ac57f3b6f5b8 Loading...

	unknown	34 B	2023-04-11	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16:40 Last Seen2024-05-19 16:02:58 Times Seen77671 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

HTTP Transactions (17)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
28 kB (27748 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 586219
expires: Sun, 27 Apr 2025 15:02:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5d8CqCoid6kUdVgbeT9l0%2B6aLRkK6nxWPdbInk9afFxYLY7WTdPCY3ou2Kyh28eUa6BaqIIHC2QXEfQOZQNOIFWZFxG2q0G3P5RNCOJTSD0TMxdj%2Fxc5VLhcshkZmBuWfxWxvzas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880216c72b53b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.3/jquery-ui.js

151.101.2.137

200 OK

114 kB

URL GET HTTP/2
code.jquery.com/ui/1.11.3/jquery-ui.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (547)
Size
114 kB (113814 bytes)
Hash
c811575fd210af968e09caa681917b9b
0bf0ff43044448711b33453388c3a24d99e6cc9c
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

HTTP Headers

GET /ui/1.11.3/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-72b1e"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 07 May 2024 15:02:04 GMT
age: 17558125
x-served-by: cache-lga21958-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 2697, 6067
x-timer: S1715094125.692646,VS0,VE0
vary: Accept-Encoding
content-length: 113814
X-Firefox-Spdy: h2

i.imgur.com/Iew2Wsm.png

151.101.236.193

200 OK

4.4 kB

URL GET HTTP/2
i.imgur.com/Iew2Wsm.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 1280 x 306, 8-bit colormap, non-interlaced
Size
4.4 kB (4382 bytes)
Hash
d9dbcadb22ae2144441b2aa579a1c858
550e5a62add2875165fab5add218369324e37abb
30331fa84f4365b2860155d92fe7d9e78bcda9f63c6a55316e9b8767a1456e37

HTTP Headers

GET /Iew2Wsm.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Jul 2021 15:13:09 GMT
etag: "d9dbcadb22ae2144441b2aa579a1c858"
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: f7xzX8WZG5FEZ9uJEBiFuNBMzQ6aIQB2CwKpE3Iomm6lYCqo9g8YuA==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 354887
date: Tue, 07 May 2024 15:02:04 GMT
x-served-by: cache-iad-kiad7000076-IAD, cache-osl6523-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 36, 0
x-timer: S1715094125.672469,VS0,VE91
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4382
X-Firefox-Spdy: h2

i.imgur.com/rf2U8Jy.png

151.101.236.193

200 OK

4.6 kB

URL GET HTTP/2
i.imgur.com/rf2U8Jy.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Size
4.6 kB (4580 bytes)
Hash
413a26c2b3d05eaa9b165df7f16fe028
b987ea097d250735ba36929fc58732585c714a6e
885ba5b6f0b7dbd524a666f86c1e1ba92197657c19d892cfedfac5ec8255150f

HTTP Headers

GET /rf2U8Jy.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Jul 2021 15:16:46 GMT
etag: "413a26c2b3d05eaa9b165df7f16fe028"
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: ipvBZ7X2RgzWFkddZgmHY9E6bX_Qj8zzVpI6v6GYsdnNuvbq1Q78vw==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 19724
date: Tue, 07 May 2024 15:02:04 GMT
x-served-by: cache-iad-kiad7000161-IAD, cache-osl6523-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 10, 0
x-timer: S1715094125.672345,VS0,VE92
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 4580
X-Firefox-Spdy: h2

i.imgur.com/NG5z6J7.png

151.101.236.193

200 OK

3.8 kB

URL GET HTTP/2
i.imgur.com/NG5z6J7.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Size
3.8 kB (3751 bytes)
Hash
ba14ddf7ab51ed3cd0d29a1569ff93c5
4537b60c78ad48c4672f9233457b472820fab735
f32d3a068ac4b076e27dfbc00995ff361bd714f9c39b043939f59733aeb87fce

HTTP Headers

GET /NG5z6J7.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Jul 2021 15:16:30 GMT
etag: "ba14ddf7ab51ed3cd0d29a1569ff93c5"
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: hvhKPkhzZR1h5WpYCXc6YEdlpgCQK6YNzaRO0qerHUPgVtV-W9bOmA==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 607048
date: Tue, 07 May 2024 15:02:04 GMT
x-served-by: cache-iad-kcgs7200064-IAD, cache-osl6523-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 53, 0
x-timer: S1715094125.672070,VS0,VE117
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 3751
X-Firefox-Spdy: h2

i.imgur.com/oq0wvcH.png

151.101.236.193

200 OK

23 kB

URL GET HTTP/2
i.imgur.com/oq0wvcH.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 250 x 250, 8-bit colormap, non-interlaced
Size
23 kB (23076 bytes)
Hash
d178fdafcb91bb85584a1073aacf90b0
36a47d01b1ba1bc189c2fbf597037e3d540b5bd8
6fcf7cd5224d69cb24e4641c438263bf6807ac5e9ded426a2cfb90b3bb12bc84

HTTP Headers

GET /oq0wvcH.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Jul 2021 15:15:56 GMT
etag: "d178fdafcb91bb85584a1073aacf90b0"
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: frklvwJsjm_OEbgH70jA-nSNWn3497-9NPcS307uUqaFKUMvtnJnSA==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 1569260
date: Tue, 07 May 2024 15:02:04 GMT
x-served-by: cache-iad-kcgs7200170-IAD, cache-osl6523-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 123, 0
x-timer: S1715094125.675760,VS0,VE164
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 23076
X-Firefox-Spdy: h2

i.imgur.com/g2dAJ8g.png

151.101.236.193

200 OK

175 kB

URL GET HTTP/2
i.imgur.com/g2dAJ8g.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced
Size
175 kB (174576 bytes)
Hash
c108b7f9bf7fc7367d5f0d424245b199
56df7cbfc7345802da611ac8e65fbebec285f4a0
9df5b7022b6e57a517ede0bfe2d8ba3f670ad90831ffb9fdc29b1e5d261dadfd

HTTP Headers

GET /g2dAJ8g.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Jul 2021 15:12:31 GMT
etag: "c108b7f9bf7fc7367d5f0d424245b199"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: t4osqwi83Jqqd5tuYORKpBmk2Iz3EBG1PV4sliYtypKfSLp4nX5jcg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 354888
date: Tue, 07 May 2024 15:02:05 GMT
x-served-by: cache-iad-kjyo7100112-IAD, cache-osl6523-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 29, 0
x-timer: S1715094125.974428,VS0,VE93
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 174576
X-Firefox-Spdy: h2

i.imgur.com/zxUmloj.png

151.101.236.193

200 OK

9.2 kB

URL GET HTTP/2
i.imgur.com/zxUmloj.png
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://discoverylands.com/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 300 x 300, 8-bit colormap, non-interlaced
Size
9.2 kB (9229 bytes)
Hash
07833fc459d62ef935a093539c9497ec
62cb8bdae90331667c0ce3d9695cd2dbc2e69e1c
9a71ff928b1d532b12502f65216365fe96a0fd5f4878aa57e34e3654e746e7b8

HTTP Headers

GET /zxUmloj.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 08 Jul 2021 15:11:01 GMT
etag: "07833fc459d62ef935a093539c9497ec"
x-amz-cf-pop: JFK50-P6
x-amz-cf-id: UPvkvVUXyhuIHduUw2z_Rvcve0QXPYWQOMmzQWGbDPWV8cloawW6og==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 569645
date: Tue, 07 May 2024 15:02:05 GMT
x-served-by: cache-iad-kcgs7200062-IAD, cache-osl6523-OSL
x-cache: Miss from cloudfront, HIT, MISS
x-cache-hits: 68, 0
x-timer: S1715094126.700116,VS0,VE134
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 9229
X-Firefox-Spdy: h2

discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/6bc9c2fa828a6d36044f963affba28be2becde1fdfb2.css

104.21.68.192

200 OK

3.7 kB

URL GET HTTP/3
discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/6bc9c2fa828a6d36044f963affba28be2becde1fdfb2.css
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.7 kB (3749 bytes)
Hash
3837cace7fe7189f953c79da4fe6a6ea
7ee67324c482b1077ed0e5f90d451d578e33b469
2f783a9018386e11f9dd05bfd0fa185916b9b3e11df34fcee168b76508162f22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/6bc9c2fa828a6d36044f963affba28be2becde1fdfb2.css HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/css
last-modified: Mon, 14 Feb 2022 14:17:52 GMT
etag: W/"620a6490-2965"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FklQw4%2B%2FIlKsLf9uCyi%2FkDrFg%2BZ9tQNAGpbHN%2FtbgckgHQ13JcL6beykBJ5wXMsk5seqPD71QiDolVcSM3DqxmKpwgNyUIhoRKYE%2B4mumW%2Fu2akSyQ4wYH8%2F8hqraPOm0E7ASns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e99cb51e-OSL
alt-svc: h3=":443"; ma=86400

discoverylands.com/

104.21.68.192

200 OK

98 kB

URL User Request GET HTTP/2
discoverylands.com/
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
HTML document, ASCII text, with very long lines (54753)
Size
98 kB (98453 bytes)
Hash
897c11ab75efaeb8cbc9ed4155e0ce41
c1fb6cac86c7ca996673e028435106621caf8524
a95b6629a47e06c989b429284fdb9ea180db6e25e5501ad7ff23a9ac0b36e1b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/html
last-modified: Tue, 19 Mar 2024 20:31:06 GMT
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADmWhwzchoYQ7tlYpjLTLLbTqloykorydj9nD50HG2gwvcE2RQmmBm02Jy4oQLu66C4hi9%2F2xkAnr0DeoLBZl5YlkDaYLPs62zorZ8oyt2SEmkYobkLG7hdpMLLX1QoD7ktKJFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880216c43ca71c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/97d01ad4524b0d0216f0c6268e6d6475ac39b2ed0c4f.css

104.21.68.192

200 OK

7.6 kB

URL GET HTTP/3
discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/97d01ad4524b0d0216f0c6268e6d6475ac39b2ed0c4f.css
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
gzip compressed data, max speed, from Unix
Size
7.6 kB (7594 bytes)
Hash
0744c955b184a703eb4afba91f8e2085
8f5fc43cfb0f3693859a33b7afeed30ecc737577
257788b5d814dffba6a21b786066081299a5a849b45621448f2e739c7e47db49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/97d01ad4524b0d0216f0c6268e6d6475ac39b2ed0c4f.css HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/css
last-modified: Fri, 15 Apr 2022 15:36:03 GMT
etag: W/"625990e3-1722"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOXaybWpCYwvoaxiqqNxvUFTXuzPFj0cGQV2NsAecnFK%2FGt6N8HzZbEet6rX7jr8f4zf47k2AQSmz1u1bcA3un7tEHoCzULvvuPIA%2B%2FbWeS8VLKbIZLy%2BxgBByWvhHw8lDzXZC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e99fb51e-OSL
alt-svc: h3=":443"; ma=86400

discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/7aada4e19a0e4f711089a7187fd504d1f81aad556ff9.css

104.21.68.192

200 OK

21 kB

URL GET HTTP/3
discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/7aada4e19a0e4f711089a7187fd504d1f81aad556ff9.css
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
assembler source, ASCII text, with very long lines (1679), with CRLF line terminators
Size
21 kB (20749 bytes)
Hash
76b1bdbafa76a16eb077711e0852240f
4eeaffc1d6645d958efdf93b127bd345134bdee0
e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/7aada4e19a0e4f711089a7187fd504d1f81aad556ff9.css HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/css
last-modified: Sat, 04 Jun 2022 16:46:02 GMT
etag: W/"629b8c4a-510d"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GR5vxnwOn6GjXtVPU6JBLl%2FXpfmh0DyCYovrGKbiIWILb0jFFp9oNqTF3vfex%2FWf6qcpLnKbiZZcQhrD3w%2BlagT9%2F5Ev61P8AuJMNiTpkpcWP90%2FE4NTdL4w4YAu1l81ykvYTnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e993b51e-OSL
alt-svc: h3=":443"; ma=86400

discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/f8113e48652d980efd08de56f60c7c74c17a86f00829.css

104.21.68.192

200 OK

77 kB

URL GET HTTP/3
discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/f8113e48652d980efd08de56f60c7c74c17a86f00829.css
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
ASCII text, with very long lines (4303), with CRLF line terminators
Size
77 kB (77205 bytes)
Hash
d75bc33f0e1f113e13918a1574bed89e
ce9524469a86d2cf429390d9a2b09151906f16f5
c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/f8113e48652d980efd08de56f60c7c74c17a86f00829.css HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/css
last-modified: Mon, 14 Feb 2022 14:17:56 GMT
etag: W/"620a6494-12d95"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FihuTzHok0JgroZAz2HOFMRfYC2i13J%2FMZ88Z9VgmiK27noopEfcnMY24ibCRH2avy5U%2FZd%2F0SeEN3e8Dz5xLuMrEgF6lWdVEwwkIcSZcj16g4YjHYiBCiu6VLjrb%2BWPhqcNwjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e995b51e-OSL
alt-svc: h3=":443"; ma=86400

discoverylands.com/api/js/auth.js?id=e4ad1ff

104.21.68.192

404 Not Found

162 B

URL GET HTTP/3
discoverylands.com/api/js/auth.js?id=e4ad1ff
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
HTML document, ASCII text, with no line terminators
Size
162 B (162 bytes)
Hash
2b838659c6ea3bbc1241837a1b44840b
296c38b80b7304bd14e5b6c934fca1c32d687917
a9ac287e62f49a385bf05052b658eea54ad6811b368db66f58b581a61435c9ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/js/auth.js?id=e4ad1ff HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/html
x-country-code: NO
x-country-name: Norway
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CR%2FUvBlp8nj5%2BgS2xg%2F%2Fv0TcjonWrrrXm7wrhIYegJN%2BNlmIGqeOxU3x7%2BItMSh6AqjNQ2zSomSf9Y2lZXxnXHYrO1caUOHieRcnbf3bfNoYK8rkH4qssaUc6icr3AgzgT%2BPtZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e9a8b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/1b13aa769f8b02d058bd8d61cf4f5b83127ebb9d91ef.css

104.21.68.192

200 OK

12 kB

URL GET HTTP/3
discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/1b13aa769f8b02d058bd8d61cf4f5b83127ebb9d91ef.css
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
ASCII text, with CRLF line terminators
Size
12 kB (11972 bytes)
Hash
dacb80dabfaebd8b5c696ca29bddd59e
d10bdeb6162bb0591b13799eac711d320958d1c5
6a13129c52b4af929efe3e1fddeceb315a4f8038ad01c469f8d45d5c19483ac9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/1b13aa769f8b02d058bd8d61cf4f5b83127ebb9d91ef.css HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 15:47:18 GMT
etag: W/"64873e06-2ec4"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jwOT3wo0Fy93u4Ip%2FIjEeXLKwxCpCtkf1JFfhKRpeV87ZMrpMC7A5IK6N%2B5xVLCH81VKYsCAAhu3aN%2Bz2%2BIxJD1WJnMx6cEKNTBXVnpjNrIM5gRsR7yFA9xtKhwleEIIaT1n0zI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e999b51e-OSL
alt-svc: h3=":443"; ma=86400

discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/7803ec0dc5c72d42db9e7b527cb1375a68833a346f70.css

104.21.68.192

200 OK

20 kB

URL GET HTTP/3
discoverylands.com/3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/7803ec0dc5c72d42db9e7b527cb1375a68833a346f70.css
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type
ASCII text, with very long lines (1188)
Size
20 kB (19982 bytes)
Hash
2727c215f1b26015043511e9735a46f7
7d1dc9acca9b896d0e880973e33e339188fab602
dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /3aa9a9b7bddcb3d8e3e65eb42157c15cd2eabb59a378/7803ec0dc5c72d42db9e7b527cb1375a68833a346f70.css HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: text/css
last-modified: Mon, 14 Feb 2022 14:17:57 GMT
etag: W/"620a6495-4e0e"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=etq4ddPuH4ggakQTF7aPgG6xSJcvnW%2FEZ9%2Blq0ca62HnvPihi588w%2F548qGvGLfQARK%2FqxqMnYmzxnU9xREAKoF4qoMjrOm4o9k%2FX8%2BW%2FZWUnMsTeUFIJfNofgw%2Fs0v3QXw4dyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6e996b51e-OSL
alt-svc: h3=":443"; ma=86400

discoverylands.com/7eca4217ccf5b46f791eb3f61dc95c59ccd9a040de63/e2510f0789ec34d466ca2c93b80912dd50f62347185c.js

104.21.68.192

200 OK

104 kB

URL GET HTTP/3
discoverylands.com/7eca4217ccf5b46f791eb3f61dc95c59ccd9a040de63/e2510f0789ec34d466ca2c93b80912dd50f62347185c.js
IP
104.21.68.192:443
ASN
#13335 CLOUDFLARENET

Requested by
https://discoverylands.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectdiscoverylands.com
Fingerprint11:B2:8D:86:CE:C0:EE:4F:78:08:1A:DC:E3:CD:15:B9:0B:98:0F:46
ValidityFri, 03 May 2024 17:19:25 GMT - Thu, 01 Aug 2024 17:19:24 GMT

File type

Size
104 kB (104462 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7eca4217ccf5b46f791eb3f61dc95c59ccd9a040de63/e2510f0789ec34d466ca2c93b80912dd50f62347185c.js HTTP/1.1
Host: discoverylands.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://discoverylands.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 15:02:04 GMT
content-type: application/javascript
last-modified: Thu, 08 Jun 2023 16:13:01 GMT
etag: W/"6481fe0d-1980e"
x-country-code: NO
x-country-name: Norway
access-control-allow-headers: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mp7LJXtxOV2YVogkrLj0LOxY5rCfE6bRzgRzqz3uZKpQUs%2FVtF8naTqZceHt%2F7qMFvBTPNtJ5JECwwbzyoZyJGAhLXobfsLzXpWeZeE7oKPX8LWGDqDeumqFVMeuyMsuVqVn%2B6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880216c6f9b3b51e-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN