Report - 4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4

Report Overview

Submitted URL
4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
IP
185.155.184.55
ASN
#5398 AS5398 SA
Submitted
2024-04-26 02:19:48
Access
public
Website Title
Apple iPhone 15 Pro
Final URL
4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
4egkl0x.makejugash.live	unknown	unknown	No data	No data	15 kB	369 kB	185.155.186.25
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-25	438 B	32 kB	142.250.74.138
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	450 B	24 kB	151.101.1.229
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	541 B	10 kB	216.58.207.227
jsontdsexit2.com	unknown	2022-05-16	2022-05-16	2024-04-25	463 B	575 B	136.243.216.235

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed
2024-04-26	medium	makejugash.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	4egkl0x.makejugash.live/media/mainstream/u.js	24 kB	2024-02-25	2024-05-05
Pretty URL 4egkl0x.makejugash.live/media/mainstream/u.js IP 185.155.184.55 ASN #5398 AS5398 SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 16:07:16 Last Seen2024-05-05 20:49:58 Times Seen770 Hash 89ed4b592ab506a6fca18e95657dfc4f 179998ad5741d669e75521fb943850a808917924 4ef3a6a1fd10bcf96549fd9a09bde836daea3343523644d1830367edc1f9031b Loading...

	4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4	642 B	2024-04-26	2024-04-26
Pretty URL 4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4 IP 185.155.186.25 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:19:54 Last Seen2024-04-26 04:19:54 Times Seen1 Hash 9697f23f50f5f76e9d3a06f4d4697dfa c5261f1335ef33624fbab3c5f49b8eb029499233 1052bc2d57c23ed77e8e45d6bd4af7eb8d9098fdadeeb7c4b4916baa6415984c Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-05-05
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-05-05 20:49:58 Times Seen15715 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	4egkl0x.makejugash.live/media/mainstream/all/ab/1102_3.js	17 kB	2024-02-25	2024-05-05
Pretty URL 4egkl0x.makejugash.live/media/mainstream/all/ab/1102_3.js IP 185.155.184.55 ASN #5398 AS5398 SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 06:53:39 Last Seen2024-05-05 20:49:58 Times Seen102 Hash a050517d2e76dc353ab4591805bc7e43 a5b1a19c84c5f91dc0bb9beba2b6339269cb3980 05bb3b4c00a768232100b296f15b2087314183a9c4bf1819322b999550348b55 Loading...

	4egkl0x.makejugash.live/media/mainstream/icon.js	3.4 kB	2024-02-25	2024-05-05
Pretty URL 4egkl0x.makejugash.live/media/mainstream/icon.js IP 185.155.184.55 ASN #5398 AS5398 SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 06:53:39 Last Seen2024-05-05 20:49:58 Times Seen102 Hash bb6b0303bdf4d00f569ea2779560743a f7ad4dbde8c72b2513d1876621113ab9e1b1905e 76258946ee92a601aba0b605b921ab01168534b0987caf446dbbe4c3d3d25fba Loading...

	4egkl0x.makejugash.live/media/mainstream/sound.js	2.6 kB	2024-02-25	2024-05-05
Pretty URL 4egkl0x.makejugash.live/media/mainstream/sound.js IP 185.155.184.55 ASN #5398 AS5398 SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 06:53:39 Last Seen2024-05-05 20:49:58 Times Seen102 Hash 2832f0ff7ee2b8d871310202ffe7f5f4 9ff1c89b338faebfc1ebd10a72899c98af7165d0 cdd76972e0254fc58c898953ee47888137cf8a596c40d2fd9356a04cfe0ed76a Loading...

	4egkl0x.makejugash.live/media/mainstream/all/ab/2.js	4.5 kB	2024-02-27	2024-05-05
Pretty URL 4egkl0x.makejugash.live/media/mainstream/all/ab/2.js IP 185.155.184.55 ASN #5398 AS5398 SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-27 23:55:32 Last Seen2024-05-05 20:49:58 Times Seen10 Hash 309154a7108a1a6a726ade3c39649a2c b14969c2a6a1a655c07dce08ecf647c0747554bf 1cac0d3b7e921266710df94ca32c7fe0d43359d71facb97c114e21a7a1b7d907 Loading...

	4egkl0x.makejugash.live/media/mainstream/all/ab/1102_1.js	33 kB	2024-02-25	2024-05-05
Pretty URL 4egkl0x.makejugash.live/media/mainstream/all/ab/1102_1.js IP 185.155.186.25 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-25 06:53:39 Last Seen2024-05-05 20:49:58 Times Seen100 Hash de4af01a50db5454dbc0376dbd439af3 bb026b70a9701a80a580668d7d241c545a06d60d 8cfa2e960c0bf98660286437e4dceaae75c8a094760f6bdb9f088888f1567dbc Loading...

	4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4	159 B	2023-03-07	2024-05-05
Pretty URL 4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4 IP 185.155.186.25 ASN #203639 Teknology SA Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:59 Last Seen2024-05-05 20:49:58 Times Seen3857 Hash 9a1faa7af595fcc37df537d166e60db8 685f77872d79510459078c4874685ab2fa7134ad b22f15ea1331a585549a4f1663ad5767da13c94abf77d4a4785158ddabfbd92e Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-05 21:46:52 Times Seen141641 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

HTTP Transactions (32)

URL IP Response Size

4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4

185.155.186.25

200 OK

19 kB

URL User Request GET HTTP/1.1
4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (608), with CRLF line terminators
Size
19 kB (18797 bytes)
Hash
6a3e127a4d05981a050affe03b47a59f
0b62754b4386670a4916732f9ab04e19a5d3806d
99c13b676a6c71244344ea70c21fa21c9cd8fa66963d278b18f721b5c8a16d51

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4 HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/html
Content-Length: 18797
Connection: keep-alive
cache-control: private

4egkl0x.makejugash.live/media/mainstream/all/ab/1102_2.css

185.155.186.25

200 OK

8.0 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/1102_2.css
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
assembler source, ASCII text
Size
8.0 kB (7969 bytes)
Hash
9a13f3506156bf7084aa380c75fda671
117ab6de499a40abbfe8b7c56a6f40d812f0e309
fe71a9aa3271dd1850f74bbd853f9a9faeda64350652141c2ff6eb4dd8187ad5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/1102_2.css HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/css
Content-Length: 7969
Connection: keep-alive
ETag: "9a13f3506156bf7084aa380c75fda671"
Last-Modified: Sun, 11 Feb 2024 15:21:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B2FEAED27F16
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1707664865#782664523/gid:0/gname:root/mode:33188/mtime:1707664865#834664609/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-11T15:21:05.86Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 09:56:44 GMT
expires: Wed, 23 Apr 2025 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 231757
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

4egkl0x.makejugash.live/media/mainstream/all/ab/1102.css

185.155.186.25

200 OK

22 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/1102.css
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
ASCII text, with CRLF line terminators
Size
22 kB (21546 bytes)
Hash
a42af1908408284441961ee5fac7891e
9c4e5d6eea95a03464380779a7ab9764e163f3a9
36a93a8003ab142dc7446633cf75524283582968ce207f8b773be234c4ed5cf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/1102.css HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/css
Content-Length: 21546
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a42af1908408284441961ee5fac7891e"
Last-Modified: Sun, 11 Feb 2024 15:21:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B20B0252DD0C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1707664865#134663447/gid:0/gname:root/mode:33188/mtime:1707664865#214663580/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-11T15:21:05.24Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js

151.101.1.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65297)
Size
24 kB (23541 bytes)
Hash
a454220fc07088bf1fdd19313b6bfd50
265a733cb7fbc481fd2510a659a85ad55c93c895
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

HTTP Headers

GET /npm/bootstrap@4.3.1/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.3.1
x-jsd-version-type: version
etag: W/"1332b-JlpzPLf7xIH9JRCmWaha1VyTyJU"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 02:19:21 GMT
age: 10977833
x-served-by: cache-fra-etou8220110-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23541
X-Firefox-Spdy: h2

4egkl0x.makejugash.live/media/mainstream/all/ab/1102_1.js

185.155.186.25

200 OK

33 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/1102_1.js
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (32813), with no line terminators
Size
33 kB (32813 bytes)
Hash
de4af01a50db5454dbc0376dbd439af3
bb026b70a9701a80a580668d7d241c545a06d60d
8cfa2e960c0bf98660286437e4dceaae75c8a094760f6bdb9f088888f1567dbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/1102_1.js HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/javascript
Content-Length: 32813
Connection: keep-alive
ETag: "de4af01a50db5454dbc0376dbd439af3"
Last-Modified: Sat, 24 Feb 2024 21:14:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20ACED93499
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806774#834687386/gid:0/gname:root/mode:33188/mtime:1708809274#191062456/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:34.217Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/icon.js

185.155.184.55

200 OK

3.4 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/icon.js
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (3422), with no line terminators
Size
3.4 kB (3422 bytes)
Hash
bb6b0303bdf4d00f569ea2779560743a
f7ad4dbde8c72b2513d1876621113ab9e1b1905e
76258946ee92a601aba0b605b921ab01168534b0987caf446dbbe4c3d3d25fba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/icon.js HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/javascript
Content-Length: 3422
Connection: keep-alive
ETag: "bb6b0303bdf4d00f569ea2779560743a"
Last-Modified: Sat, 24 Feb 2024 21:15:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20B1587DC8B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708808462#625688214/gid:0/gname:root/mode:33279/mtime:1708809303#535111389/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:15:03.562Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/sound.js

185.155.184.55

200 OK

2.6 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/sound.js
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (2564), with no line terminators
Size
2.6 kB (2564 bytes)
Hash
2832f0ff7ee2b8d871310202ffe7f5f4
9ff1c89b338faebfc1ebd10a72899c98af7165d0
cdd76972e0254fc58c898953ee47888137cf8a596c40d2fd9356a04cfe0ed76a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/sound.js HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/javascript
Content-Length: 2564
Connection: keep-alive
ETag: "2832f0ff7ee2b8d871310202ffe7f5f4"
Last-Modified: Sat, 24 Feb 2024 21:15:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20AFD8AF8E4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708809303#743111734/gid:0/gname:root/mode:33279/mtime:1708809303#719111694/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:15:03.745Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/1102_3.js

185.155.184.55

200 OK

17 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/1102_3.js
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (17374), with no line terminators
Size
17 kB (17374 bytes)
Hash
a050517d2e76dc353ab4591805bc7e43
a5b1a19c84c5f91dc0bb9beba2b6339269cb3980
05bb3b4c00a768232100b296f15b2087314183a9c4bf1819322b999550348b55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/1102_3.js HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/javascript
Content-Length: 17374
Connection: keep-alive
ETag: "a050517d2e76dc353ab4591805bc7e43"
Last-Modified: Sat, 24 Feb 2024 21:14:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303B2801478
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806775#246688139/gid:0/gname:root/mode:33188/mtime:1708809274#415062829/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:34.441Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/flag-icon/css/flag-icon.css

185.155.186.25

200 OK

40 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/flag-icon/css/flag-icon.css
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
ASCII text, with CRLF line terminators
Size
40 kB (39806 bytes)
Hash
b7a46a018dcd21a4828bae0b04ddcc6c
1d8418d6cc45e5c29e1aab008c18ea633e7730c4
299595fd56aa6a2fcfac34fcf780d33b61785ad96f19485e65a33ead8fd69cbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/flag-icon/css/flag-icon.css HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/css
Content-Length: 39806
Connection: keep-alive
ETag: "b7a46a018dcd21a4828bae0b04ddcc6c"
Last-Modified: Wed, 20 Sep 2023 15:24:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20ADC5F26A7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134508#288021464/gid:0/gname:root/mode:33279/mtime:1655387459#318598233/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:59.318598233Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/u.js

185.155.184.55

200 OK

24 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/u.js
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (24389), with no line terminators
Size
24 kB (24389 bytes)
Hash
89ed4b592ab506a6fca18e95657dfc4f
179998ad5741d669e75521fb943850a808917924
4ef3a6a1fd10bcf96549fd9a09bde836daea3343523644d1830367edc1f9031b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/u.js HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/javascript
Content-Length: 24389
Connection: keep-alive
ETag: "89ed4b592ab506a6fca18e95657dfc4f"
Last-Modified: Sun, 25 Feb 2024 11:59:29 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303B3A7FF73
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708809189#0/gid:0/gname:root/mode:33188/mtime:1708862369#235249424/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-25T11:59:29.279Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/2.js

185.155.184.55

200 OK

4.5 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/2.js
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JavaScript source, ASCII text, with very long lines (4473), with no line terminators
Size
4.5 kB (4473 bytes)
Hash
309154a7108a1a6a726ade3c39649a2c
b14969c2a6a1a655c07dce08ecf647c0747554bf
1cac0d3b7e921266710df94ca32c7fe0d43359d71facb97c114e21a7a1b7d907

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/2.js HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: text/javascript
Content-Length: 4473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "309154a7108a1a6a726ade3c39649a2c"
Last-Modified: Sat, 24 Feb 2024 21:14:34 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B303B606F625
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806775#374688372/gid:0/gname:root/mode:33279/mtime:1708809273#979062101/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-02-24T21:14:34.009Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/box_closed.png

185.155.184.55

200 OK

5.8 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/box_closed.png
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 258 x 184, 8-bit colormap, non-interlaced
Size
5.8 kB (5836 bytes)
Hash
890d869db1b3d28af588be81685214f2
5375bd0c2c75a6e40168f5561eb4eca993d14505
ea2521add13deb769fb7abee364670a567e7a3dc7b3b4474b5f80510dc593212

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/box_closed.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 5836
Connection: keep-alive
ETag: "890d869db1b3d28af588be81685214f2"
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20B516C36DB
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223402#7743068/gid:0/gname:root/mode:33279/mtime:1653412322#873050000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:02.87305Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr2.jpg

185.155.184.55

200 OK

2.8 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr2.jpg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
2.8 kB (2815 bytes)
Hash
9b63ccbd631923743813e838190cecbf
5c6dd930c81346616e9c641ff41b6f18344c7e76
4ca9130a03f6874bab37d2d52fd4546e3de34ccccbd83aa5b9cb6ed0f923d8b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr2.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 2815
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "9b63ccbd631923743813e838190cecbf"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B20B56EB5A31
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#505053000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.505053Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr4.jpg

185.155.184.55

200 OK

4.3 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr4.jpg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
4.3 kB (4307 bytes)
Hash
f96150cbbb80ac607b3f264141a7faef
9ed21cb4e5c552f29bc23db55684c945e7582071
f013c5f2d9aedd8072d4bf01749c7dfcbacb80a43d06aa579403adfd8fd21fd3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr4.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 4307
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f96150cbbb80ac607b3f264141a7faef"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B20B5EDF12A2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#641054000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.641054Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/box_open.png

185.155.186.25

200 OK

2.7 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/box_open.png
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 258 x 185, 8-bit colormap, non-interlaced
Size
2.7 kB (2685 bytes)
Hash
99264bee31a1abde5d0035468e53bbfb
d1f25383b68c3769eb3bdb36783e85c112078054
8da9180789c861b8d0d67d2bca168dfcc6de98f6999ab47400c38397d122157f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/box_open.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 2685
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "99264bee31a1abde5d0035468e53bbfb"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B2FECB8160B3
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412322#933050000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:02.93305Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/box-iphone15pro.png

185.155.184.55

200 OK

5.8 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/box-iphone15pro.png
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 258 x 185, 8-bit colormap, non-interlaced
Size
5.8 kB (5789 bytes)
Hash
f32165874f658a8497f38d204ebb92de
7511015ad482edaa0f024b5c78a7307a5e2e7077
8a623f9360c9544015b526a887ef1d3aeb7daba217fc1567fd0610fdea744792

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/box-iphone15pro.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 5789
Connection: keep-alive
ETag: "f32165874f658a8497f38d204ebb92de"
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303B9303495
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1696524240#11170449/gid:0/gname:root/mode:33188/mtime:1696524239#959170312/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-10-05T16:43:59.959170312Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/x1.png

185.155.184.55

200 OK

593 B

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/x1.png
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 258 x 184, 8-bit colormap, non-interlaced
Size
593 B (593 bytes)
Hash
ee850988ed56cd6f2498cae7993a8753
965f9091ca3e7f21f5b8115347227aedc93c586e
0303153a716bc5000d737521c0f6eb517700a1856b8e22ba8c088ec8f06ed8ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/x1.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 593
Connection: keep-alive
ETag: "ee850988ed56cd6f2498cae7993a8753"
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20B462DA09A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223402#815744886/gid:0/gname:root/mode:33279/mtime:1653412336#881081000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:16.881081Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr6.jpg

185.155.186.25

200 OK

2.8 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr6.jpg
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
2.8 kB (2814 bytes)
Hash
f17d127dfcaa6f94929eedd080276df0
ec801473523b8eb44e123b5634081d2b57715ba6
0108e4d428f408f819f174ae8a5923b4010e80a14fc9872b018c12781e114403

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr6.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 2814
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f17d127dfcaa6f94929eedd080276df0"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B20B64477C7E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#765054000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.765054Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr1.jpg

185.155.184.55

200 OK

2.9 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr1.jpg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
2.9 kB (2939 bytes)
Hash
4c88ebf87b0cc26121497de03db7f64a
a1256a5cfcd62223172eb3633659caddff6cf005
28db5edb0fe5e61f42eb8a0d10250a317f3ac840e074ffa761cb953c330f2cf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr1.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 2939
Connection: keep-alive
ETag: "4c88ebf87b0cc26121497de03db7f64a"
Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303BB16A0AB
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412324#385053000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.385053Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr5.jpg

185.155.184.55

200 OK

3.0 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr5.jpg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
3.0 kB (3043 bytes)
Hash
7f103bc91a8084cd154189b5ebb2cf86
375e58c42a8c409bbf111847a1f6798ba6c0d5f5
346139aaec984853288672896d297ded47ac7ee1cb77ca43b63e130952cdd946

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr5.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 3043
Connection: keep-alive
ETag: "7f103bc91a8084cd154189b5ebb2cf86"
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303BB24656F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223402#123743329/gid:0/gname:root/mode:33279/mtime:1653412324#705054000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.705054Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr3.jpg

185.155.184.55

200 OK

3.6 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr3.jpg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
3.6 kB (3601 bytes)
Hash
c74a5befd416e24626972e88ed65526d
4e8c25553248600cf23c3d6bcec488d986a129f8
53bb570f4465306a78670ecbea911ba0362251d2dc825d9ea0cb5d1c70f413ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr3.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 3601
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c74a5befd416e24626972e88ed65526d"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B303BB7BA4AF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#581053000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.581053Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/like.png

185.155.184.55

200 OK

357 B

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/like.png
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 15 x 14, 8-bit colormap, non-interlaced
Size
357 B (357 bytes)
Hash
17586a0aeb3f7b2aa7fb15a9251fbcd4
6adffad1183c93bc0dc114c89c77365734ec0dd6
8bf8dc3a4b6f7e4fa2a6fa74495c212f37a301311980cbc758050993ed9c07e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/like.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 357
Connection: keep-alive
ETag: "17586a0aeb3f7b2aa7fb15a9251fbcd4"
Last-Modified: Wed, 20 Sep 2023 15:23:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303BD4DF248
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134509#272024543/gid:0/gname:root/mode:33279/mtime:1653412329#505064000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:09.505064Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/l.png

185.155.186.25

200 OK

11 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/l.png
IP
185.155.186.25:443
ASN
#203639 Teknology SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 768 x 293, 8-bit colormap, non-interlaced
Size
11 kB (11314 bytes)
Hash
3abe055e63c17d1fd7a5598c1924503d
7cc8997b72cda7eb64db973fea07f7c5c3e362e5
65c6b55f035b9973169b8f66625697e50ec57d6ed7f228e345fd77bb7c5c159d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/l.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 11314
Connection: keep-alive
ETag: "3abe055e63c17d1fd7a5598c1924503d"
Last-Modified: Wed, 27 Mar 2024 19:21:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B20B212B96BE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1708806802#566737914/gid:0/gname:root/mode:33188/mtime:1711567299#623963859/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2024-03-27T19:21:39.652Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/fr11.jpg

185.155.184.55

200 OK

3.2 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/fr11.jpg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3
Size
3.2 kB (3157 bytes)
Hash
752f51c4c387c0ca7f4337acdeec15d6
7f9777f95aececfce6fa930181269cce30a4a059
227cec10c842ba3865d12ed22363f87ca5135b3ac2c72e5ab1a3169c4a2d569c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/fr11.jpg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/jpeg
Content-Length: 3157
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "752f51c4c387c0ca7f4337acdeec15d6"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B303BD806C3F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#847577324/gid:0/gname:root/mode:33279/mtime:1653412324#445053000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:04.445053Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/iphone15pro.png

185.155.184.55

200 OK

112 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/iphone15pro.png
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 417 x 515, 8-bit colormap, non-interlaced
Size
112 kB (112193 bytes)
Hash
86c9f807fc66133969f63198ac0fe75d
037a01ff739ddadb3a24e964002330176c75c5d2
5cc828750e8d07a70bb34de95a298592868d1bb1eb9d8e61b025779f9f3ddf58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/iphone15pro.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 112193
Connection: keep-alive
ETag: "86c9f807fc66133969f63198ac0fe75d"
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303BE73B137
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1697145051#486170268/gid:0/gname:root/mode:33188/mtime:1696524240#875172775/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2023-10-05T16:44:00.875172775Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/all/ab/top_red.png

185.155.184.55

200 OK

4.6 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/all/ab/top_red.png
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
PNG image data, 258 x 184, 8-bit colormap, non-interlaced
Size
4.6 kB (4560 bytes)
Hash
a660370feb6a1543c3c872a52f7bcfa7
b9478ed6228e8fb34a393013d474cde8dc400848
9d1eed749548dad4b80b2d7ce32052143bd38773685029d7b60cee82a31840b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/all/ab/top_red.png HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:21 GMT
Content-Type: image/png
Content-Length: 4560
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a660370feb6a1543c3c872a52f7bcfa7"
Last-Modified: Mon, 20 Feb 2023 09:33:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B303C0B31E3F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843277#855577336/gid:0/gname:root/mode:33279/mtime:1653412335#773078000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-05-24T17:12:15.773078Z
Expires: Sat, 26 Apr 2025 02:19:21 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

216.58.207.227

200 OK

9.1 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9132, version 1.0
Size
9.1 kB (9132 bytes)
Hash
358d3070946a90b4960cd111154fdc12
a0ba0bf47a7f905f9aa1a3ce15a39cdac62466ee
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

HTTP Headers

GET /s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://4egkl0x.makejugash.live
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9132
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 03:10:20 GMT
expires: Fri, 25 Apr 2025 03:10:20 GMT
cache-control: public, max-age=31536000
age: 83342
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jsontdsexit2.com/ExtService.svc/getextparams

136.243.216.235

200 OK

362 B

URL GET HTTP/2
jsontdsexit2.com/ExtService.svc/getextparams
IP
136.243.216.235:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectjsontdsexit2.com
Fingerprint48:31:DD:61:15:18:42:C5:25:8C:3D:8D:29:32:35:54:12:C1:59:1C
ValidityTue, 19 Mar 2024 13:03:39 GMT - Mon, 17 Jun 2024 13:03:38 GMT

File type
JSON text data
Size
362 B (362 bytes)
Hash
21e8196f866ec2a46caf1e2458fce0da
b062c4e59373c46766b67d3ee5b7bc59e5084012
ef8a623b0cc989ff7db8fd733dbb7ecb0570b2ecb5304bca647fbd6653411125

HTTP Headers

GET /ExtService.svc/getextparams HTTP/1.1
Host: jsontdsexit2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://4egkl0x.makejugash.live
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:19:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

4egkl0x.makejugash.live/media/mainstream/alert.mp3

185.155.184.55

200 OK

8.8 kB

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/alert.mp3
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Size
8.8 kB (8802 bytes)
Hash
6d2d3da2ea28ace816fa4a138829dc18
606e0ec3d7fb05c69f16233cfe1ff0a0ee760505
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/alert.mp3 HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:22 GMT
Content-Type: audio/mpeg
Content-Length: 8802
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6d2d3da2ea28ace816fa4a138829dc18"
Last-Modified: Mon, 20 Feb 2023 09:33:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 17C9B303ED442C6F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843338#351669788/gid:0/gname:root/mode:33279/mtime:1655387452#802583242/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.802583242Z
Expires: Sat, 26 Apr 2025 02:19:22 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/media/mainstream/flag-icon/flags/1x1/no.svg

185.155.184.55

200 OK

331 B

URL GET HTTP/1.1
4egkl0x.makejugash.live/media/mainstream/flag-icon/flags/1x1/no.svg
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type
SVG Scalable Vector Graphics image
Size
331 B (331 bytes)
Hash
d748f0d9f64c0ca1a40a0f6ec6bbb746
a76adb95e9ea9a737c72e4640b8d49b9e28cbb38
bdfbd626e4e76d0dc506e10be7dd429e4c4da684986cbd45e5398f1e9e1f28cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/mainstream/flag-icon/flags/1x1/no.svg HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/media/mainstream/flag-icon/css/flag-icon.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Fri, 26 Apr 2024 02:19:22 GMT
Content-Type: image/svg+xml
Content-Length: 331
Connection: keep-alive
ETag: "d748f0d9f64c0ca1a40a0f6ec6bbb746"
Last-Modified: Wed, 20 Sep 2023 15:24:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 17C9B303F6E39986
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134508#296021489/gid:0/gname:root/mode:33279/mtime:1655387477#774640726/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:51:17.774640726Z
Expires: Sat, 26 Apr 2025 02:19:22 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes

4egkl0x.makejugash.live/favicon.ico

185.155.184.55

204 No Content

0 B

URL GET HTTP/1.1
4egkl0x.makejugash.live/favicon.ico
IP
185.155.184.55:443
ASN
#5398 AS5398 SA

Requested by
https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Certificate
IssuerLet's Encrypt
Subjectmakejugash.live
Fingerprint14:01:44:96:C2:38:FE:2B:1C:D5:A3:12:3B:00:DC:E1:54:B4:36:A8
ValidityThu, 25 Apr 2024 01:04:20 GMT - Wed, 24 Jul 2024 01:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 4egkl0x.makejugash.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://4egkl0x.makejugash.live/trynsrya/?f=1&fp=bvc/cyeTqoreLYBUJeHO6w==&o=buxpc2x&sid=t1~h2e45binagdjw44mzzjkohgx&u=x0lkge4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: openresty
Date: Fri, 26 Apr 2024 02:19:22 GMT
Connection: keep-alive

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML