Report - cowboy2u4me.me/

Report Overview

Submitted URL
cowboy2u4me.me/
IP
188.42.218.242
ASN
#7979 SERVERS-COM
Submitted
2024-05-07 07:48:13
Access
public
Website Title
#1 Game
Final URL
cowboy2u4me.me/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-06	2.4 kB	648 kB	142.250.74.99
127.0.0.1:3128	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:8332	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:5938	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:3479	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:9785	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:3000	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:23399	unknown	unknown	No data	No data	385 B	0 B	0.0.0.0
127.0.0.1:8530	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:1080	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
dusunkerntor.com	unknown	unknown	No data	No data	8.3 kB	40 kB	188.42.218.242
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.0 kB	33 kB	142.250.74.163
127.0.0.1:6379	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:9050	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
static.informereng.com	unknown	2018-03-23	2018-06-23	2023-08-11	2.5 kB	0 B	0.0.0.0
127.0.0.1:8333	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:5601	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:9150	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:5037	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:5242	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:1194	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-06	430 B	34 kB	142.250.74.138
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2024-05-07	427 B	789 B	142.250.74.130
127.0.0.1:2376	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
127.0.0.1:11211	unknown	unknown	No data	No data	385 B	0 B	0.0.0.0
cowboy2u4me.me	unknown	2018-09-27	2018-12-17	2024-02-27	3.3 kB	12 kB	188.42.218.242
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-05	421 B	743 B	139.45.195.8
127.0.0.1:15672	unknown	unknown	No data	No data	385 B	0 B	0.0.0.0
127.0.0.1:3306	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	6.4 kB	105 kB	142.250.74.164
127.0.0.1:9000	unknown	unknown	No data	No data	384 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	informereng.com	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-07	medium	dusunkerntor.com	Sinkholed
2024-05-07	medium	informereng.com	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-07	medium	informereng.com	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-07	medium	informereng.com	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed
2024-05-07	medium	informereng.com	Sinkholed
2024-05-06	medium	127.0.0.1	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	dusunkerntor.com/pjs/page.js?ver=2.0.0	85 kB	2024-05-07	2024-05-07
Pretty URL dusunkerntor.com/pjs/page.js?ver=2.0.0 IP 188.42.218.242 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 09:48:20 Last Seen2024-05-07 09:48:20 Times Seen2 Hash beed7932cddfcbdd66b42c2991a7dbb7 48b87d9830c8975a3491dac9f61f482287036a8a 8c41eadd121b5efdf70b99e1dcb37929d483c1b0ff5fff67a0c2cfee9b8716ce Loading...

	unknown	37 B	2023-04-11	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-19 16:43:13 Times Seen238122 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	79 B	2023-04-11	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-19 16:32:21 Times Seen126638 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	cowboy2u4me.me/	0 B	2023-03-07	2024-05-19
Pretty URL cowboy2u4me.me/ IP 188.42.218.242 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 16:44:09 Times Seen37834454 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-05-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-19 14:50:32 Times Seen48070 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	cowboy2u4me.me/	0 B	2023-03-07	2024-05-19
Pretty URL cowboy2u4me.me/ IP 188.42.218.242 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 16:44:09 Times Seen37834454 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p	69 B	2023-03-07	2024-05-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-19 16:33:21 Times Seen102544 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-15
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-15 19:10:18 Times Seen9003 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	www.google.com/js/bg/tKcPQSh2okjZHiZ2jIssRExVWo45mlVHOakavsOpwK4.js	18 kB	2024-04-24	2024-05-07
Pretty URL www.google.com/js/bg/tKcPQSh2okjZHiZ2jIssRExVWo45mlVHOakavsOpwK4.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:40:38 Last Seen2024-05-07 15:06:47 Times Seen213 Hash 042afc8f6dd96d8a86aca2f6239682fa c2321f6ccc366638b53be030076f7ae3807f9d53 b4a70f412876a248d91e26768c8b2c444c555a8e399a554739a91abec3a9c0ae Loading...

	cowboy2u4me.me/js.js	1.2 kB	2023-03-12	2024-05-18
Pretty URL cowboy2u4me.me/js.js IP 188.42.218.242 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 12:21:54 Last Seen2024-05-18 22:58:40 Times Seen209 Hash 2a1c926b3c304d241b2552921a9ed30c a177f8ee419f53c25c356c4f3515a8f890355ca3 4da5d02b957d4ba45deb5bb6dd01eb6ce256ee3eee2e4d5539c64a407cd246d3 Loading...

	dusunkerntor.com/version.js	57 B	2024-05-07	2024-05-07
Pretty URL dusunkerntor.com/version.js IP 188.42.218.242 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 09:48:20 Last Seen2024-05-07 09:48:20 Times Seen2 Hash 52031aaa15e09c9087ec8ebe1df0832a 6d3fa5cc01097b31633b9a44f9317a63a9812517 4960b4873bc568671688a7c24dc845cd97f517d4c3f4a82a5cf310d254cfadb2 Loading...

	www.google.com/recaptcha/api.js?render=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK	884 B	2024-04-24	2024-05-07
Pretty URL www.google.com/recaptcha/api.js?render=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:37:36 Last Seen2024-05-07 09:48:21 Times Seen30 Hash a97b6ef00683020a9b1e8fde48cb14b2 80cf0504cb35c897509a86ca20d0ac398f2932c2 31409482a916add187b7b2390982ca9035403aec3037ca77613a4b3ca251b2ef Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p	36 kB	2024-05-07	2024-05-07
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 09:48:20 Last Seen2024-05-07 09:48:20 Times Seen1 Hash 2595f980e7c60032ff242972283ab7b3 492e4f32412588f1ca94b1543c55b5f3c7886d2e faa3bbcc7af14be7758297b7088ca725e37bb53042567634f8b6b5347c7fab42 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c6aa52404a51b2e51855d8d812e52238	64 B	2024-04-24	2024-05-07
Pretty Observations First Seen2024-04-24 19:40:38 Last Seen2024-05-07 15:06:47 Times Seen98 Hash c6aa52404a51b2e51855d8d812e52238 ee7ddc1af54c0421f7f2a26cec89ccd499861a25 825319eeb05ed675083102c989076f4a6136a3071919b69534e4851265729308 Loading...

	#2 Eval - e9cbf1bd955ae45c49b12ff0f10e8b5f	22 B	2024-04-24	2024-05-07
Pretty Observations First Seen2024-04-24 19:40:38 Last Seen2024-05-07 15:06:47 Times Seen98 Hash e9cbf1bd955ae45c49b12ff0f10e8b5f d84cffeeaaae2df7c82398665519ae47341c3ede 9a9cf9b3b63538a25fc946dd2c6263d26bcef0706131248a84bfa730c22ab455 Loading...

	#3 Eval - f4e96c45a1557fcf9e34ff8b095ccf3b	24 kB	2024-05-07	2024-05-07
Pretty Observations First Seen2024-05-07 09:48:20 Last Seen2024-05-07 09:48:20 Times Seen1 Hash f4e96c45a1557fcf9e34ff8b095ccf3b 04e9b471f3db1018ba1df5e98e717e6cc64c60ed 43b469aafca41385021aabd97a028377001344511c42da8af53899c606236d74 Loading...

	#4 Eval - e895c824a46c6cedd68c675b509ed95e	22 B	2024-04-24	2024-05-07
Pretty Observations First Seen2024-04-24 19:40:38 Last Seen2024-05-07 15:06:47 Times Seen98 Hash e895c824a46c6cedd68c675b509ed95e bc17e6c6e27c8d6a1af38b76298950679d86b674 c823b057f65a9bc5d37cfad2cdea30a7ac8d536077e7a9f40c00cfc0e560b680 Loading...

HTTP Transactions (71)

URL IP Response Size

cowboy2u4me.me/

188.42.218.242

2.9 kB

URL
cowboy2u4me.me/
IP
188.42.218.242:0
ASN
#7979 SERVERS-COM

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1954)
Size
2.9 kB (2850 bytes)
Hash
eccaa5e8f55dba819456cc0977ac58bd
74974fda6cddffa5795428fea0f49561bba979a6
ea05aae432721dde628bd7f86b676cff450e7a46f8262d9d943a73a82012cced

HTTP Headers

GET / HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: ://
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Set-Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970; Path=/; Domain=cowboy2u4me.me; Expires=Mon, 27 Apr 2026 07:47:28 GMT; Secure; SameSite=None
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:28 GMT
Transfer-Encoding: chunked

cowboy2u4me.me/style.css

188.42.218.242

200 OK

3.1 kB

URL GET HTTP/1.1
cowboy2u4me.me/style.css
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
ASCII text, with very long lines (2134)
Size
3.1 kB (3102 bytes)
Hash
2b9d95ad9bc1aa650f33d3c24e1e39bf
9dfe2e2dee6f307676437bbaa8e6964f47ac1341
4f83ea065b088a2e90b30e3f5e8dda5b97e686d2dd8459409e4a7ba26ecdc7aa

HTTP Headers

GET /style.css HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:28 GMT
Transfer-Encoding: chunked

cowboy2u4me.me/js.js

188.42.218.242

200 OK

1.2 kB

URL GET HTTP/1.1
cowboy2u4me.me/js.js
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JavaScript source, ASCII text
Size
1.2 kB (1185 bytes)
Hash
2a1c926b3c304d241b2552921a9ed30c
a177f8ee419f53c25c356c4f3515a8f890355ca3
4da5d02b957d4ba45deb5bb6dd01eb6ce256ee3eee2e4d5539c64a407cd246d3

HTTP Headers

GET /js.js HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 1185
Content-Type: application/javascript
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:28 GMT

dusunkerntor.com/pjs/page.js?ver=2.0.0

188.42.218.242

200 OK

34 kB

URL GET HTTP/1.1
dusunkerntor.com/pjs/page.js?ver=2.0.0
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33520 bytes)
Hash
beed7932cddfcbdd66b42c2991a7dbb7
48b87d9830c8975a3491dac9f61f482287036a8a
8c41eadd121b5efdf70b99e1dcb37929d483c1b0ff5fff67a0c2cfee9b8716ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pjs/page.js?ver=2.0.0 HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Type: application/javascript
Expires: 0
Pragma: no-cache
Set-Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44; Path=/; Domain=dusunkerntor.com; Expires=Mon, 27 Apr 2026 07:47:28 GMT; Secure; SameSite=None
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:28 GMT
Transfer-Encoding: chunked

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.138

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 19:54:46 GMT
expires: Fri, 02 May 2025 19:54:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 388380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dusunkerntor.com/version.js

188.42.218.242

200 OK

57 B

URL GET HTTP/1.1
dusunkerntor.com/version.js
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
ASCII text, with no line terminators
Size
57 B (57 bytes)
Hash
52031aaa15e09c9087ec8ebe1df0832a
6d3fa5cc01097b31633b9a44f9317a63a9812517
4960b4873bc568671688a7c24dc845cd97f517d4c3f4a82a5cf310d254cfadb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /version.js HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Cache-Control: private, max-age=63072000
Content-Length: 57
Content-Type: application/javascript
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:28 GMT

dusunkerntor.com/ws

188.42.218.242

0 B

URL
dusunkerntor.com/ws
IP
188.42.218.242:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ws HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://cowboy2u4me.me
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0jJY9B3dja3ZI/tpJjhXEg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: sXf/oBJPIqZTRRnLu4AXY0hJhPo=

dusunkerntor.com/pix.jpg

188.42.218.242

200 OK

0 B

URL OPTIONS HTTP/1.1
dusunkerntor.com/pix.jpg
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /pix.jpg HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cowboy2u4me.me/
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Date: Tue, 07 May 2024 07:47:29 GMT
Content-Length: 0

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
1bc0e8539d92284f8365b732aa8424c4
0b0304ef0d20c1936a057e0a4f8b0eef365881b7
3b6cfb6bf33049faa964ba2fb71c460ef79ede8756b2d1d3e427dd9f2791edd3

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 07:47:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cowboy2u4me.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08005599d4f04b81f511a5c4f59b1399; expires=Wed, 07 May 2025 07:47:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

dusunkerntor.com/pix.jpg

188.42.218.242

200 OK

309 B

URL OPTIONS HTTP/1.1
dusunkerntor.com/pix.jpg
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x1, components 3
Size
309 B (309 bytes)
Hash
593e2391d469398a04b4d315e5793341
d927f20b6e9371dd0d3b8b8ff444fbd816c19a1d
a61d8687f980bf5ef71b178b270a9713c0bb745b73dd56fed208c103d99af846

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pix.jpg HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Access-Control-Expose-Headers: ETag
Cache-Control: private, must-revalidate, proxy-revalidate
Content-Length: 309
Content-Type: image/jpeg
Etag: ef565545-6d4d-48a1-bc68-d440bcda7f14
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:29 GMT

cowboy2u4me.me/img/line-black.png

188.42.218.242

404 Not Found

19 B

URL GET HTTP/1.1
cowboy2u4me.me/img/line-black.png
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
ASCII text
Size
19 B (19 bytes)
Hash
595e88012a6521aae3e12cbebe76eb9e
da3968197e7bf67aa45a77515b52ba2710c5fc34
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793

HTTP Headers

GET /img/line-black.png HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/style.css
Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Date: Tue, 07 May 2024 07:47:29 GMT
Content-Length: 19

cowboy2u4me.me/btn-yes.png

188.42.218.242

200 OK

1.1 kB

URL GET HTTP/1.1
cowboy2u4me.me/btn-yes.png
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
PNG image data, 111 x 48, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1057 bytes)
Hash
c8ab3a74d4f0dd68e8cc6c03b08aa41f
de344cd57ff61ccca72561ecd1afe357e55af983
6405c59e88f6280f32fd479796ee3f5db4c39ee97ad19810e9d801d20b2ccb12

HTTP Headers

GET /btn-yes.png HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/style.css
Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 1057
Content-Type: image/png
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:29 GMT

cowboy2u4me.me/btn-no.png

188.42.218.242

200 OK

1.1 kB

URL GET HTTP/1.1
cowboy2u4me.me/btn-no.png
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
PNG image data, 111 x 48, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1091 bytes)
Hash
f2585a6bc1703774b5a5f6e735fda447
70128ff9a72ced123a3aa94b6d70808784a10822
54a768a8865908167885f2c296735fdbe6b8671e98f2b3a4902d575101574cfd

HTTP Headers

GET /btn-no.png HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/style.css
Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 1091
Content-Type: image/png
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:29 GMT

dusunkerntor.com/ir/add

188.42.218.242

200 OK

0 B

URL POST HTTP/1.1
dusunkerntor.com/ir/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /ir/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cowboy2u4me.me/
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Date: Tue, 07 May 2024 07:47:29 GMT
Content-Length: 0

dusunkerntor.com/etag

188.42.218.242

200 OK

0 B

URL OPTIONS HTTP/1.1
dusunkerntor.com/etag
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /etag HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cowboy2u4me.me/
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Date: Tue, 07 May 2024 07:47:29 GMT
Content-Length: 0

dusunkerntor.com/ir/add

188.42.218.242

200 OK

12 B

URL POST HTTP/1.1
dusunkerntor.com/ir/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
59d347cfa943819ca1624f08ef2b5f92
98977b246ab47a0a734afcf36161ce802272d522
97600f16fe220f9ead1bd47848b522981eef872e000fa5883379ceb5a839ca91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /ir/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 92
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 12
Content-Type: application/json
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:29 GMT

dusunkerntor.com/log/add

188.42.218.242

200 OK

0 B

URL POST HTTP/1.1
dusunkerntor.com/log/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /log/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cowboy2u4me.me/
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Date: Tue, 07 May 2024 07:47:29 GMT
Content-Length: 0

dusunkerntor.com/etag

188.42.218.242

200 OK

12 B

URL OPTIONS HTTP/1.1
dusunkerntor.com/etag
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
59d347cfa943819ca1624f08ef2b5f92
98977b246ab47a0a734afcf36161ce802272d522
97600f16fe220f9ead1bd47848b522981eef872e000fa5883379ceb5a839ca91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /etag HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 113
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 12
Content-Type: application/json
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:29 GMT

dusunkerntor.com/log/add

188.42.218.242

200 OK

12 B

URL POST HTTP/1.1
dusunkerntor.com/log/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
59d347cfa943819ca1624f08ef2b5f92
98977b246ab47a0a734afcf36161ce802272d522
97600f16fe220f9ead1bd47848b522981eef872e000fa5883379ceb5a839ca91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 17766
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 12
Content-Type: application/json
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:29 GMT

www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

142.250.74.164

200 OK

6.0 kB

URL GET HTTP/3
www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 272 x 92, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5969 bytes)
Hash
8f9327db2597fa57d2f42b4a6c5a9855
1737d3dfb411c07b86ed8bd30f5987a4dc397cc1
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

HTTP Headers

GET /images/branding/googlelogo/1x/googlelogo_color_272x92dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 5969
date: Tue, 07 May 2024 07:47:46 GMT
expires: Tue, 07 May 2024 07:47:46 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

142.250.74.164

200 OK

5.1 kB

URL GET HTTP/3
www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 240 x 88, 8-bit/color RGBA, non-interlaced
Size
5.1 kB (5087 bytes)
Hash
8d2b7f3d00f50b8aebb7d1c002c64ca1
b3d5a78c18020868d322a0ac54c9d8e45a59a3b3
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

HTTP Headers

GET /images/branding/googlelogo/2x/googlelogo_color_120x44dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 5087
date: Tue, 07 May 2024 07:47:46 GMT
expires: Tue, 07 May 2024 07:47:46 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

142.250.74.164

14 kB

URL
www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 544 x 184, 8-bit/color RGBA, non-interlaced
Size
14 kB (13504 bytes)
Hash
80fa4bcab0351fdccb69c66fb55dcd00
26f471f6ebe3b11557506f6ae96156e0a3852e5b
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

HTTP Headers

GET /images/branding/googlelogo/2x/googlelogo_color_272x92dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 13504
date: Tue, 07 May 2024 07:47:46 GMT
expires: Tue, 07 May 2024 07:47:46 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

142.250.74.164

200 OK

7.0 kB

URL GET HTTP/3
www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 320 x 112, 8-bit/color RGBA, non-interlaced
Size
7.0 kB (7048 bytes)
Hash
d6b993cd3a71d84e8dd51dc9bf01f537
41f57a52be2447b7b4ee458887e860a702150396
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

HTTP Headers

GET /images/branding/googlelogo/2x/googlelogo_color_160x56dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7048
date: Tue, 07 May 2024 07:47:46 GMT
expires: Tue, 07 May 2024 07:47:46 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

142.250.74.164

200 OK

3.9 kB

URL GET HTTP/3
www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
PNG image data, 180 x 80, 8-bit/color RGBA, non-interlaced
Size
3.9 kB (3934 bytes)
Hash
c198051c3b22e6fa2e26712e855da980
6cac1226aff75d94809534c373f43a28253879da
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

HTTP Headers

GET /images/branding/googlelogo/2x/googlelogo_color_90x40dp.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3934
date: Tue, 07 May 2024 07:47:46 GMT
expires: Tue, 07 May 2024 07:47:46 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cowboy2u4me.me/favicon.ico

188.42.218.242

404 Not Found

19 B

URL GET HTTP/1.1
cowboy2u4me.me/favicon.ico
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
ASCII text
Size
19 B (19 bytes)
Hash
595e88012a6521aae3e12cbebe76eb9e
da3968197e7bf67aa45a77515b52ba2710c5fc34
b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cowboy2u4me.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=943631c2-9440-46f6-9673-cf7c342a9970
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Type: text/plain; charset=utf-8
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Date: Tue, 07 May 2024 07:47:29 GMT
Content-Length: 19

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.130

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.130:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:C3:90:43:D3:09:4E:26:62:79:17:6F:1D:33:E5:FA:DF:77:3E:7B
ValidityTue, 16 Apr 2024 03:18:52 GMT - Tue, 09 Jul 2024 03:18:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cowboy2u4me.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 07 May 2024 07:47:47 GMT
expires: Tue, 07 May 2024 07:47:47 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16860759472627639665
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51464
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.99

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:36:16 GMT
expires: Wed, 07 May 2025 06:36:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 4291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.99

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 15:37:51 GMT
expires: Tue, 06 May 2025 15:37:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 58197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.99

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:36:16 GMT
expires: Wed, 07 May 2025 06:36:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 4292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 18:37:19 GMT
expires: Mon, 05 May 2025 18:37:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 133829
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.99

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 06:36:16 GMT
expires: Wed, 07 May 2025 06:36:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 4292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:23 GMT
expires: Sat, 03 May 2025 03:22:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 361525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/js/bg/tKcPQSh2okjZHiZ2jIssRExVWo45mlVHOakavsOpwK4.js

142.250.74.164

200 OK

7.4 kB

URL GET HTTP/3
www.google.com/js/bg/tKcPQSh2okjZHiZ2jIssRExVWo45mlVHOakavsOpwK4.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17650)
Size
7.4 kB (7420 bytes)
Hash
042afc8f6dd96d8a86aca2f6239682fa
c2321f6ccc366638b53be030076f7ae3807f9d53
b4a70f412876a248d91e26768c8b2c444c555a8e399a554739a91abec3a9c0ae

HTTP Headers

GET /js/bg/tKcPQSh2okjZHiZ2jIssRExVWo45mlVHOakavsOpwK4.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7420
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 21:15:36 GMT
expires: Fri, 02 May 2025 21:15:36 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 23 Apr 2024 17:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 383532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

2.2 kB

URL
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 371419
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m

142.250.74.164

613 B

URL
www.google.com/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP
142.250.74.164:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data
Size
613 B (613 bytes)
Hash
b1224919439076f58f3ca904fa06c57e
a876ecd2e0e71c10132a8764d12052b6302e8714
3dd1f5a40a7160c34ecf3875dad477ea8f77043ff8713eb61076ddf96047e68c

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 May 2024 07:47:48 GMT
date: Tue, 07 May 2024 07:47:48 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/api2/reload?k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK

142.250.74.164

200 OK

8.7 kB

URL POST HTTP/3
www.google.com/recaptcha/api2/reload?k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
ASCII text, with very long lines (11923)
Size
8.7 kB (8724 bytes)
Hash
a3e697e16316ad5f55f441b94b8f5bf8
aa665ff9fcd6ea6d2c1f8c3522a66c6a7b81c3d6
6dd6c4c31eaab555bb5ef85ac52250e4e2dfce81266eb724ce59e5c91e0d4850

HTTP Headers

POST /recaptcha/api2/reload?k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6654
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 07 May 2024 07:47:49 GMT
expires: Tue, 07 May 2024 07:47:49 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09ANctrhgYFb2VHkkJ1n32nUYrb7S8c324fDyWFCMcpo3v9_VnwHn1-6sxHT7UfWoxZFqvoRnzU9gsRZ9sD_3WMW4;Path=/recaptcha;Expires=Sun, 03-Nov-2024 07:47:49 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dusunkerntor.com/r3/add

188.42.218.242

200 OK

0 B

URL POST HTTP/1.1
dusunkerntor.com/r3/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /r3/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cowboy2u4me.me/
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Date: Tue, 07 May 2024 07:47:31 GMT
Content-Length: 0

dusunkerntor.com/r3/add

188.42.218.242

200 OK

12 B

URL POST HTTP/1.1
dusunkerntor.com/r3/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
59d347cfa943819ca1624f08ef2b5f92
98977b246ab47a0a734afcf36161ce802272d522
97600f16fe220f9ead1bd47848b522981eef872e000fa5883379ceb5a839ca91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /r3/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 774
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 12
Content-Type: application/json
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:31 GMT

dusunkerntor.com/port_check/add

188.42.218.242

200 OK

12 B

URL POST HTTP/1.1
dusunkerntor.com/port_check/add
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
59d347cfa943819ca1624f08ef2b5f92
98977b246ab47a0a734afcf36161ce802272d522
97600f16fe220f9ead1bd47848b522981eef872e000fa5883379ceb5a839ca91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /port_check/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 563
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://cowboy2u4me.me
Content-Length: 12
Content-Type: application/json
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:35 GMT

dusunkerntor.com/time_visit/add

188.42.218.242

12 B

URL
dusunkerntor.com/time_visit/add
IP
188.42.218.242:0
ASN
#7979 SERVERS-COM

Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
59d347cfa943819ca1624f08ef2b5f92
98977b246ab47a0a734afcf36161ce802272d522
97600f16fe220f9ead1bd47848b522981eef872e000fa5883379ceb5a839ca91

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /time_visit/add HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 78
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: *
Content-Length: 12
Content-Type: application/json
Vary: Accept-Encoding
Date: Tue, 07 May 2024 07:47:51 GMT

static.informereng.com/contents/s/27/79/71/2c315e5c4a3bf170f42e880a8e/0809531911185.png

0.0.0.0

0 B

URL GET
static.informereng.com/contents/s/27/79/71/2c315e5c4a3bf170f42e880a8e/0809531911185.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /contents/s/27/79/71/2c315e5c4a3bf170f42e880a8e/0809531911185.png HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:3128/

0.0.0.0

0 B

URL GET
127.0.0.1:3128/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:3128
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:3000/

0.0.0.0

0 B

URL GET
127.0.0.1:3000/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:3000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:2376/

0.0.0.0

0 B

URL GET
127.0.0.1:2376/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:2376
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:3479/

0.0.0.0

0 B

URL GET
127.0.0.1:3479/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:3479
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:6379/

0.0.0.0

0 B

URL GET
127.0.0.1:6379/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:6379
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.google.com/recaptcha/api2/clr?k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK

142.250.74.164

200 OK

0 B

URL POST HTTP/3
www.google.com/recaptcha/api2/clr?k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /recaptcha/api2/clr?k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuf
Content-Length: 1479
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
Cookie: _GRECAPTCHA=09ANctrhgYFb2VHkkJ1n32nUYrb7S8c324fDyWFCMcpo3v9_VnwHn1-6sxHT7UfWoxZFqvoRnzU9gsRZ9sD_3WMW4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/binary
date: Tue, 07 May 2024 07:47:49 GMT
expires: Tue, 07 May 2024 07:47:49 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

127.0.0.1:11211/

0.0.0.0

0 B

URL GET
127.0.0.1:11211/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:11211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:15672/

0.0.0.0

0 B

URL GET
127.0.0.1:15672/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:15672
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:9000/

0.0.0.0

0 B

URL GET
127.0.0.1:9000/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:9000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:9785/

0.0.0.0

0 B

URL GET
127.0.0.1:9785/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:9785
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p

142.250.74.164

200 OK

45 kB

URL GET HTTP/3
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (36472)
Size
45 kB (45177 bytes)
Hash
0c19ae6d0ad1a30f8c81e2661f39f522
2129e1f22dd7d155d160e1fa64c47f6d658cede3
b80316e403c3da3077d73d492970fd231c9c9eaa718df04064a1a4e6c564c12e

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK&co=aHR0cHM6Ly9jb3dib3kydTRtZS5tZTo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=iyi6rtsfh95p HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 07 May 2024 07:47:47 GMT
content-security-policy: script-src 'nonce-coYbi2Uw_Bo5fQjuk-Hc8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

dusunkerntor.com/ws

188.42.218.242

101 Switching Protocols

0 B

URL GET HTTP/1.1
dusunkerntor.com/ws
IP
188.42.218.242:443
ASN
#7979 SERVERS-COM

Requested by
https://cowboy2u4me.me/
Certificate
IssuerLet's Encrypt
Subject123clkforpro.me
Fingerprint44:7B:F4:BF:45:EC:0F:A2:FD:2B:E8:E1:DE:11:F2:62:72:A6:46:19
ValidityThu, 11 Apr 2024 17:05:03 GMT - Wed, 10 Jul 2024 17:05:02 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ws HTTP/1.1
Host: dusunkerntor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://cowboy2u4me.me
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0jJY9B3dja3ZI/tpJjhXEg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: __ymmc_sid=c470be10-cfb4-4470-ae53-13843dc4da44
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: sXf/oBJPIqZTRRnLu4AXY0hJhPo=

static.informereng.com/templates/_assets/images/desktop-game-backgrounds/wall-mmporg2.jpg?v=1

0.0.0.0

0 B

URL GET
static.informereng.com/templates/_assets/images/desktop-game-backgrounds/wall-mmporg2.jpg?v=1
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/_assets/images/desktop-game-backgrounds/wall-mmporg2.jpg?v=1 HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:5037/

0.0.0.0

0 B

URL GET
127.0.0.1:5037/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:5037
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:8333/

0.0.0.0

0 B

URL GET
127.0.0.1:8333/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:8333
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:9050/

0.0.0.0

0 B

URL GET
127.0.0.1:9050/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:9050
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.google.com/recaptcha/api.js?render=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK

142.250.74.164

200 OK

884 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://cowboy2u4me.me/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (884), with no line terminators
Size
884 B (884 bytes)
Hash
a97b6ef00683020a9b1e8fde48cb14b2
80cf0504cb35c897509a86ca20d0ac398f2932c2
31409482a916add187b7b2390982ca9035403aec3037ca77613a4b3ca251b2ef

HTTP Headers

GET /recaptcha/api.js?render=6LfB7H0UAAAAAD70fik7_Q98TAuO-Gs4VdtpQ3xK HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 07 May 2024 07:47:46 GMT
date: Tue, 07 May 2024 07:47:46 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

127.0.0.1:5601/

0.0.0.0

0 B

URL GET
127.0.0.1:5601/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:5601
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:3306/

0.0.0.0

0 B

URL GET
127.0.0.1:3306/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:3306
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:9150/

0.0.0.0

0 B

URL GET
127.0.0.1:9150/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:9150
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:8530/

0.0.0.0

0 B

URL GET
127.0.0.1:8530/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:8530
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:23399/

0.0.0.0

0 B

URL GET
127.0.0.1:23399/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:23399
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.informereng.com/templates/_assets/images/logo-fon/default.png

0.0.0.0

0 B

URL GET
static.informereng.com/templates/_assets/images/logo-fon/default.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/_assets/images/logo-fon/default.png HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:5242/

0.0.0.0

0 B

URL GET
127.0.0.1:5242/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:5242
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:8332/

0.0.0.0

0 B

URL GET
127.0.0.1:8332/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:8332
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.informereng.com/templates/_assets/sounds/female-warning/default.mp3

0.0.0.0

0 B

URL GET
static.informereng.com/templates/_assets/sounds/female-warning/default.mp3
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/_assets/sounds/female-warning/default.mp3 HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:5938/

0.0.0.0

0 B

URL GET
127.0.0.1:5938/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:5938
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:1080/

0.0.0.0

0 B

URL GET
127.0.0.1:1080/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:1080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.informereng.com/templates/_assets/sounds/female-warning/default.mp3

0.0.0.0

0 B

URL GET
static.informereng.com/templates/_assets/sounds/female-warning/default.mp3
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/_assets/sounds/female-warning/default.mp3 HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://cowboy2u4me.me/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

127.0.0.1:1194/

0.0.0.0

0 B

URL GET
127.0.0.1:1194/
IP
0.0.0.0:0
ASN
#0

Requested by
https://cowboy2u4me.me/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 127.0.0.1:1194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cowboy2u4me.me
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by