| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.170 | 200 OK | 31 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP142.250.74.170:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:27:35 GMT
expires: Sat, 10 May 2025 02:27:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 16286
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/logo.png | 45.141.156.113 | 200 OK | 27 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/logo.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 3613 x 837, 8-bit/color RGBA, non-interlaced Hash6dbd4cf1b21aceda886cbc606941f19f 5027ef4c4fe9edb85caca6825fae724a48b35688 3e59b10052f76fac8fcad3662a9c154806854a8f5f45f2ec4649203712a81793
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/logo.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 27222
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-6a56"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 45.141.156.113 | 200 OK | 11 kB |
URL User Request GET HTTP/2IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typegzip compressed data, from Unix Hash27b2e678a982a2ea4d996cf8e5e99a7f eabd66c8f19db15aa23f7f86066efc466094f6bd f16c0d79ecb61284916e67ee94e583e711c55ab1231af2cb09b16c351ff55308
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2/7.html HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: text/html
last-modified: Sat, 04 May 2024 09:56:43 GMT
vary: Accept-Encoding
etag: W/"6636065b-3b5c"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/icon_1.png | 45.141.156.113 | 200 OK | 1.1 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/icon_1.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashd4d69630de198f952456bd95946cff99 63666fc0c400af0789069bcf8fb5ec3092e3c7b5 3bc79b2b43c6496e7be7ea2cc22838c9e14bd7d4ab27d049d8a01a6423607e87
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/icon_1.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 1137
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-471"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/icon_2.png | 45.141.156.113 | 200 OK | 2.4 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/icon_2.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashfd22397dfe5d6d7349164ce82847fd53 dcc678c0c3c6d91d88b021081f280377fa65ee01 3c6902c5acb08e21fef1afb46bcf770245b6b942f0613d8063a5032065c4d317
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/icon_2.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 2431
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-97f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/together.png | 45.141.156.113 | 200 OK | 13 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/together.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 300 x 69, 8-bit/color RGBA, non-interlaced Hash8d83d6935654a967d1f4ea40514ac20d be33a079fa8c663596aa676a941fe2f90761e752 0775e8b55c2afa00085a61be539d65c123055ace00e957eeee28200859fb8780
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/together.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 12762
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-31da"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/atten.png | 45.141.156.113 | 200 OK | 2.5 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/atten.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced Hash73ee5f5a65419cdae683e3ce557667c5 c63479fd67f9bcf0ff867e518ed12dbb223929fb beaf85377ddd403e8beb6772e27ef87608e0da79d09e3080798c339d9b822135
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/atten.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 2453
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-995"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/icon_3.png | 45.141.156.113 | 200 OK | 1.0 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/icon_3.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced Hash118f0c5583f13e7f2e42ac3c34d54a4a aca14f746b4889df053494c8fa043f8a4b22a511 746872277e95c813f0720fb138d445af664d09b0e9968bb2dfc453a4f30f75da
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/icon_3.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 1010
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-3f2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/icon_4.png | 45.141.156.113 | 200 OK | 1.3 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/icon_4.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced Hashd4ce6e3f44d5ddcc50f3f1e88107b886 1b1969cff7e88bce4b1196551d6a44bef0ef6dcf 2d21436c30be8369abd4dcbf6b26d1c5d9db2f039c398d5c8aeba3db93d7d7a5
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/icon_4.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/png
content-length: 1288
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-508"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/action_1.gif | 45.141.156.113 | 200 OK | 69 B |
URL GET HTTP/2goheruds.xyz/2/files/images/action_1.gif IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typeGIF image data, version 89a, 16 x 16 Hash3ae573d079dcd1d2da4086f2c0c72c45 e7c9dabec81379373476ed23168dcecb9b8c56aa 9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/action_1.gif HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/gif
content-length: 69
last-modified: Sat, 04 May 2024 09:56:43 GMT
etag: "6636065b-45"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/action_2.gif | 45.141.156.113 | 200 OK | 377 B |
URL GET HTTP/2goheruds.xyz/2/files/images/action_2.gif IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typeGIF image data, version 89a, 16 x 16 Hashc10bdec858cb0cf9e6cc5865d5925746 697c095ed5509e5a5af0c5ebf2380662aeffc531 b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/action_2.gif HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/gif
content-length: 377
last-modified: Sat, 04 May 2024 09:56:43 GMT
etag: "6636065b-179"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/action_3.gif | 45.141.156.113 | 200 OK | 234 B |
URL GET HTTP/2goheruds.xyz/2/files/images/action_3.gif IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typeGIF image data, version 89a, 16 x 16 Hash9ce99ec458daf212f9812a90f3fadd13 9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1 b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/action_3.gif HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: image/gif
content-length: 234
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-ea"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/script/myjs.js | 45.141.156.113 | 200 OK | 6.7 kB |
URL GET HTTP/2goheruds.xyz/2/files/script/myjs.js IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typegzip compressed data, from Unix Hash783777e6e65749c38b3684578c07bc65 c400914da28a5a860bb6f58f03b3497cef8e50e3 85c14037b7f042bf0ac336cec50bed6a4d927b10cea26470cfa6712fbdceff69
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2/files/script/myjs.js HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: application/javascript
last-modified: Sat, 04 May 2024 09:56:44 GMT
vary: Accept-Encoding
etag: W/"6636065c-6e92"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 525560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 525560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 525560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 525560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 | 172.67.142.245 | 200 OK | 77 kB |
URL GET HTTP/2use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 IP172.67.142.245:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 06:59:02 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 42074
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqRcOgIQmUFwUYUV0EHbFc8yCC8BYf4nB1tZJ7W5jhtGf81ZrZhwpNKGujYKzExi3IzVD3rEtwvVtK2fL8no3E1H0jdwxzJ96Tbrm56m%2Bz8dTMrxbYrdY2Rv%2BCWCAMWsk6rKANW%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180b5329f75684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/images/favicon.png | 45.141.156.113 | 200 OK | 8.6 kB |
URL GET HTTP/2goheruds.xyz/2/files/images/favicon.png IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typePNG image data, 100 x 99, 8-bit/color RGBA, non-interlaced Hashc0b2a7a01b35e3f59eeacd4b91763b3c 1f649ec2ccfaca14d173f972da45a445e0471e8e 48f3ab486da957035f63cc1aae2f95219dbaa2de0499fe874c1a386b280ef8ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2/files/images/favicon.png HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:02 GMT
content-type: image/png
content-length: 8557
last-modified: Sat, 04 May 2024 09:56:44 GMT
etag: "6636065c-216d"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css | 142.250.74.35 | 200 OK | 4.0 kB |
URL GET HTTP/2www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css IP142.250.74.35:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeASCII text, with very long lines (20367), with no line terminators Hash72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 19:04:03 GMT
expires: Tue, 06 May 2025 19:04:03 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 302099
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main | 142.250.74.42 | 200 OK | 73 kB |
URL GET HTTP/2translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main IP142.250.74.42:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeJavaScript source, ASCII text, with very long lines (2297) Hashbf47475b5b52d458f577a3413e6643a5 97bc58b845b8be59fb4914a52f22ab23e83e60f1 3a4153a0531933048ae28d84e5426a3d725e89b6d41e6206c03cc5965280d8a4
GET /_/translate_http/_/js/k=translate_http.tr.no.ScQnttr3jIk.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfqJ0Hz8ni9nrsAXHpntm0qqHgqQCw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 72582
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:15:50 GMT
expires: Fri, 09 May 2025 17:15:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 May 2024 17:11:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 49392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 142.250.74.131 | 200 OK | 3.3 kB |
URL GET HTTP/3fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP142.250.74.131:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeSVG Scalable Vector Graphics image Hash2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 23:45:27 GMT
expires: Fri, 09 May 2025 23:45:27 GMT
cache-control: public, max-age=31536000
age: 26015
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.35 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/images/branding/product/2x/translate_24dp.png IP142.250.74.35:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=BgM/d=0/rs=AN8SPfq0d33yBxzMYYqNCamwNK0h9W1I4w/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 16:55:18 GMT
expires: Thu, 08 May 2025 16:55:18 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 137024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.42 | | 1.4 kB |
URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP142.250.74.42:0
Hasha3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 10 May 2024 06:59:02 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=514=umUmLg00wdHmxTQ0fjXXipsq5huoWH3g1O9pdTzsvgeb_vW2LHvauPdDnNqxVnQivQu-XauUUCVmc3U3z2oFGHVqUA7__AlVRSQzwU2TJk0PSfq6lksIJAM7-QXeEF7tnWZU8vOj0IhBx0R7E-fDHk8P3uhKxRroeUHt5QhUR2w; expires=Sat, 09-Nov-2024 06:59:02 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Fri, 10 May 2024 06:59:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| threatdetect.org/fonts/?font=aHR0cHM6Ly9nb2hlcnVkcy54eXovMi83Lmh0bWw= | 188.114.96.1 | 200 OK | 15 kB |
URL GET HTTP/2threatdetect.org/fonts/?font=aHR0cHM6Ly9nb2hlcnVkcy54eXovMi83Lmh0bWw= IP188.114.96.1:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subjectthreatdetect.org FingerprintF6:23:B8:9E:08:03:83:36:F4:82:1C:31:29:E6:F5:FC:ED:66:02:14 ValidityThu, 18 Apr 2024 10:28:31 GMT - Wed, 17 Jul 2024 10:28:30 GMT
Hash8f0192624a2564a90da048e507829d86 ab93a737d0acc6588366263c2918673299bd7f4b 9af2cf9ae165da5620ad5aa4c7e5622ec43ddac7e0f2d9f8e1a0be3cb087159f
GET /fonts/?font=aHR0cHM6Ly9nb2hlcnVkcy54eXovMi83Lmh0bWw= HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 06:59:02 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XQRQl108%2Bi5UBSGq8G8Nv%2FnMfyptWHCluVM09HLdJybmExiTiKH3WqTh6gxtRFqUfhUgKqKIL2VsF0Xg0Nn1ZpGKhewEC81Jkeva4SBLpmVD5DLxO46qoMOXRRnvQULh9ZGT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180b524ee01c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.42 | 200 OK | 0 B |
URL POST HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.42:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://goheruds.xyz/
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://goheruds.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 10 May 2024 06:59:12 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.42 | 200 OK | 131 B |
URL POST HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.42:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goheruds.xyz/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1183
Origin: https://goheruds.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://goheruds.xyz
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 10 May 2024 06:59:12 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css | 172.67.142.245 | 200 OK | 30 kB |
URL GET HTTP/2use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css IP172.67.142.245:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (30343) Hash36082410df2ef7f83932219089dc1443 7961402d7d01e19387fe609a38454b0bc8c6cca4 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/f182237388.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 06:59:02 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 826354
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FTOXHlxvNJHq0OHbU6dWRu2CG7J2ag418nCBbhLfxDJxWsiLpabAaTfo9v7QYfbw1ZLxNuB8AoLBD6uhuHJHp1wNfz1MXctv%2By7IRoSW3CrBmzVJiPRSIyhGkJn%2Fs0ovTt1KkvR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180b5258ca5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 142.250.74.142 | 200 OK | 89 kB |
URL GET HTTP/2translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP142.250.74.142:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0 ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT
File typeJavaScript source, ASCII text, with very long lines (2064) Hash7d87881970bfeb88e706ac20ffcebdfe f5edafdd2a651f1b3d6569118fa46acaf703d8a7 b6a5be0580975bea06c4f15de1c15226509b00f0286508fd76c4173b1e9a2ba7
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 May 2024 06:59:02 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/f182237388.css | 172.67.142.245 | 200 OK | 1.0 kB |
URL GET HTTP/2use.fontawesome.com/f182237388.css IP172.67.142.245:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (1054), with no line terminators Hash38ab6981f2d275f63d6a5e13e551e2ae fed5822d1194a5965a5012005fa4dafd5be9ae2e b029b512b28b1f42efe25a07a756b0d6bd97a071e0845129c8fae7fe288c18a8
GET /f182237388.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 06:59:02 GMT
content-type: text/css
etag: W/"c34c69a9993e345a33d3899b6f063f04"
last-modified: Fri, 22 Sep 2023 01:40:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6072
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FafshocYiUlYDlfoLBt2qMsdERiS%2Fn9AVFMDCZJ2qXH6MRHYhNOM%2BxBR50T%2F5uBN%2B5fexso3PB0irPSGk92WstSdM7eDp9y3%2FrzwqLVWh4OrjQxV8HzQpVDl2WQ2BNWZ5%2BBtc%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180b51e8465684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/styles/default.css | 45.141.156.113 | 200 OK | 8.6 kB |
URL GET HTTP/2goheruds.xyz/2/files/styles/default.css IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typeASCII text, with very long lines (9676), with no line terminators Hash3756cefa618febccfef305d22d11a2a2 e7e08ba24a2e0abab536d1503eedcf16ebb57ab1 49982b36996817bd0df79b3bfeef286e58e109051b1994c2a17051c4a9481ed0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /2/files/styles/default.css HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: text/css
last-modified: Sat, 04 May 2024 09:56:44 GMT
vary: Accept-Encoding
etag: W/"6636065c-216d"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/script/smart.js | 45.141.156.113 | 200 OK | 2.2 kB |
URL GET HTTP/2goheruds.xyz/2/files/script/smart.js IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typeJavaScript source, ASCII text, with very long lines (2304), with no line terminators Hash79218c8e4d6b9589da61b4daddd1d721 c8bdf2b44db9327ac24f0d02e2aa0bfc69097ab5 db4e31aaf6f2022d9cd8c052537ee237b0b69cd49ab27d6d29913bf401b1ea5a
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/script/smart.js HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: application/javascript
last-modified: Sat, 04 May 2024 09:56:44 GMT
vary: Accept-Encoding
etag: W/"6636065c-896"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| goheruds.xyz/2/files/script/lang.js | 45.141.156.113 | 200 OK | 1.2 kB |
URL GET HTTP/2goheruds.xyz/2/files/script/lang.js IP45.141.156.113:443 ASN#206776 Ophidian Network Limited
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerLet's Encrypt Subjectgoheruds.xyz Fingerprint82:9A:E1:88:4A:53:CF:AA:97:29:95:C3:4A:EA:7A:4D:3D:58:B7:71 ValiditySat, 04 May 2024 08:52:23 GMT - Fri, 02 Aug 2024 08:52:22 GMT
File typeJavaScript source, ASCII text, with very long lines (1223), with no line terminators Hash00d68d5fcbe959205761ae2eb92bda5a e70670eba70fd9428d8ee7d8acacea623bd72d4f 994454fb2f960994c4f0721e63734138eb06498b18f1236e39d4c66de579b054
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /2/files/script/lang.js HTTP/1.1
Host: goheruds.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/2/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 06:59:01 GMT
content-type: application/javascript
last-modified: Sat, 04 May 2024 09:56:44 GMT
vary: Accept-Encoding
etag: W/"6636065c-485"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap | 142.250.74.106 | 200 OK | 35 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap IP142.250.74.106:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (1572) Hash182576db773a08b463febf1b07aa0e2f b868a708dae6373057a7732089e6093b67243774 626507f0b1a1d350bed3be0e5776dbcaad507a31356d23ba5ad189c1230a3c59
GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 06:59:01 GMT
date: Fri, 10 May 2024 06:59:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/f182237388.js | 172.67.142.245 | 200 OK | 9.5 kB |
URL GET HTTP/2use.fontawesome.com/f182237388.js IP172.67.142.245:443
Requested byhttps://goheruds.xyz/2/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (9731), with no line terminators Hash2cacb88151a513dc4eaf4bde78faff7b a4c63129b001af45bd8c1e60a462a87edd9be8e9 2cfdf34668c0492fe9303c1210943aa7f4a5353e4674812bb96c79542802ebf7
GET /f182237388.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goheruds.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 06:59:01 GMT
content-type: text/javascript
etag: W/"642925e489914ab3dd425cb843636667"
last-modified: Fri, 22 Sep 2023 01:40:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6973
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUsgADZl9LlRzPklmsenNK4eV034xVVBs5qN2QFwY%2BzEZYYtX131FL%2FFMdhwJ9bVrLCZ9Y944v9ykydbqv9mWEJIpOlU8zM15L8Noy3VDgBAz8wGMeMRj%2Fbd5CZrqu5j0AyfmDpa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88180b508e005684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|