| gucehooxyy.info/index_files/Ja-summer-studio10150a.jpeg | 104.21.41.36 | 200 OK | 82 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/Ja-summer-studio10150a.jpeg
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 898x842, components 3
Hash (MD5 / SHA-1 / SHA-256): 29a601051aff91cf1b6394063d8a030c / ddb9b9892bff2462459ee445823dd4cf40db4ba8 / 0cb3380576546783a34541d3299862f409d103f3b24b943997a606d24ad7d9cb
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/Ja-summer-studio10150a.jpeg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 82127
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrGW%2FixS2OLh175FSkAnT%2FF4aeAHqUDVeA1Ik2tfBiluw3NaF2nmucN6G4cwOnof1hadrlzvAzV4zpYWeFJ81TShrShpeW3jwNGeSm2IgALprVcRL2LHZfp8UtpPIwHalII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389bb712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/MAX_0979-2-scaleda-1080x675.jpg | 104.21.41.36 | 200 OK | 130 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/MAX_0979-2-scaleda-1080x675.jpg
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 1080x675, components 3
Size: 130 kB (130125 bytes)
Hash (MD5 / SHA-1 / SHA-256): 0741ef2d1348e362d5fe4c3ee04f4c7a / 4addb587f39a0342b3c9137c418233055a76556e / 11076be623baf2a05a5715f7dfd6d488cfaf4b8b3d602c00a7dc4bddb431db5c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/MAX_0979-2-scaleda-1080x675.jpg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 130125
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1G3SvVnbZMcw6tyIU8ZiC31y0kNTXfWOVQwACbC6AK9KcvCz%2FsIsIXvNkLFAxSC8Ty0hjLhf144JHjD8Ne93vr7AvT0XY61GSbdk8P%2Bp0GXIYW0YJkT23puOkkj3aJdvP0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399c0712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/CA091031_016-1080x675.jpg | 104.21.41.36 | 200 OK | 114 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/CA091031_016-1080x675.jpg
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left, copyright=foto-szczecin], progressive, precision 8, 1080x675, components 3
Size: 114 kB (114399 bytes)
Hash (MD5 / SHA-1 / SHA-256): 865444eab2618f46ecc9720276a0d1fc / caceecfa947887c8e844a11d42ae7f96ba460e5f / 42159084c0cc86948bee632b17bf50e8778369eaf18e5f8f258f8f48a44a1b8f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/CA091031_016-1080x675.jpg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 114399
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFQH6eT8sSHnCgV7Bh%2BL4Neok%2FQqr9ln%2BiKMu45fLy3f4xDhfSa0JgChERLjCXBeu0EaHFq%2FqEWvotIgSwk%2BkCjPD9vsfqjU6eYoChFExiqYqdecg2XfqEx0%2F%2Fu%2BDhdUkKg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399c1712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 | 104.21.41.36 | 200 OK | 20 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{f928aef9-7f24-41c5-bce4-f4261f8cfbe9}?https://gucehooxyy.info
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (19978), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): efeb2542712dce8a2c51cf68396e4a05 / ac9ce350c598644c7b7f6186aaf0368eb077d396 / c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-length: 19978
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waNWZ0FFTyJ6dObj9rGoqlVEsueh4X0YLTRAm4N1Vsm%2Ff1E%2BSS3LUEOL%2FtJvdAOujlyzaDsGztER69Ls3BI3tlZOQYcyXL5tq23KdVb1lpbsnXeB6oEMuZ8cAzGshqoerCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c3b9e7712e-OSL
alt-svc: h3=":443"; ma=86400
| notesfrompoland.com/wp-content/uploads/2023/09/WAM230725_031_3196-980x653.jpg | 104.22.23.84 | 200 OK | 101 kB |
URL: GET HTTP/2 notesfrompoland.com/wp-content/uploads/2023/09/WAM230725_031_3196-980x653.jpg
IP: 104.22.23.84:443
Certificate: Issuer Let's Encrypt; Subject notesfrompoland.com; Fingerprint B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=[*0*]], progressive, precision 8, 980x653, components 3
Size: 101 kB (101228 bytes)
Hash (MD5 / SHA-1 / SHA-256): 112364111beb8b0b1a29f7da6e72308b / 098d8c2f5c1d7516bd2132fe0d113540ce1fbd78 / e890317d619b48412ec46ed990bfa552b752a7bc202f016abeb8808d4d00bda3
GET /wp-content/uploads/2023/09/WAM230725_031_3196-980x653.jpg HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 101228
cf-bgj: imgq:100,h2pri
cf-polished: origSize=151774, status=vary_header_present
etag: "250de-606441d642335"
last-modified: Tue, 26 Sep 2023 14:44:40 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1c48c0b56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| notesfrompoland.com/wp-content/uploads/2022/12/MAX_0979-2-scaleda-980x639.jpg | 104.22.23.84 | 200 OK | 111 kB |
URL: GET HTTP/2 notesfrompoland.com/wp-content/uploads/2022/12/MAX_0979-2-scaleda-980x639.jpg
IP: 104.22.23.84:443
Certificate: Issuer Let's Encrypt; Subject notesfrompoland.com; Fingerprint B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 980x639, components 3
Size: 111 kB (110762 bytes)
Hash (MD5 / SHA-1 / SHA-256): 1098023fb6d6a7665938b062e487801f / 37ef2453e56ec8684525015ad0e30013b32fe672 / 81e3ff01035a592eebc1b0a6483841fa60544a4ffd4c8d5b53bac4f2da95a79a
GET /wp-content/uploads/2022/12/MAX_0979-2-scaleda-980x639.jpg HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 110762
cf-bgj: imgq:100,h2pri
cf-polished: origSize=139360, status=vary_header_present
etag: "22060-5ef1078e6456c"
last-modified: Mon, 05 Dec 2022 08:28:30 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1c48c0f56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| | 104.21.41.36 | 200 OK | 133 kB |
URL: User Request, GET HTTP/2
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (10368)
Size: 133 kB (133015 bytes)
Hash (MD5 / SHA-1 / SHA-256): bd2f2183472a398810d32c2cf6e43f44 / 78a835d0183219fe57375536a80958cb11e44bce / b1f329f3b7451c70f9d5a813df13e244c8a5b5c3ab78092ab75bc6d5be816968
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 23:12:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5d4nbaEzzmHPF3a0xHXZ7xaBqd%2BBhdPpilWmM3A93K4n71PSxQ1LP6E3uIfcYc94ugcEz%2BfqekhN62AqOU2jDMWXu7Ru%2BRYNK6Rm4cUDipR5Tif0%2FnqbXb%2Bwxf9LY2DE%2BWw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c05c895688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| notesfrompoland.com/wp-content/uploads/2023/09/EDPR_Przykona_PO-980x551.jpg | 104.22.23.84 | 200 OK | 128 kB |
URL: GET HTTP/2 notesfrompoland.com/wp-content/uploads/2023/09/EDPR_Przykona_PO-980x551.jpg
IP: 104.22.23.84:443
Certificate: Issuer Let's Encrypt; Subject notesfrompoland.com; Fingerprint B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 75x75, segment length 16, progressive, precision 8, 980x551, components 3
Size: 128 kB (127528 bytes)
Hash (MD5 / SHA-1 / SHA-256): c9ccbd6ca742ff0a9f9d186e344de8be / 57267d5149906c9788c9f1fbaa959ac1467288ba / d67a596b7640e7e15df0df788fa605e796519928e61e8203999e721b91e92438
GET /wp-content/uploads/2023/09/EDPR_Przykona_PO-980x551.jpg HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 127528
cf-bgj: imgq:100,h2pri
cf-polished: origSize=132515, status=vary_header_present
etag: "205a3-6063f89022600"
last-modified: Tue, 26 Sep 2023 09:16:51 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1c48c0c56ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| notesfrompoland.com/wp-content/uploads/2022/12/baltic-pipe-project-map-10062019-en.jpg | 104.22.23.84 | 200 OK | 62 kB |
URL: GET HTTP/2 notesfrompoland.com/wp-content/uploads/2022/12/baltic-pipe-project-map-10062019-en.jpg
IP: 104.22.23.84:443
Certificate: Issuer Let's Encrypt; Subject notesfrompoland.com; Fingerprint B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: JPEG image data, progressive, precision 8, 1200x680, components 3
Hash (MD5 / SHA-1 / SHA-256): 47405403921c30570a0b00c537bc0914 / e5b2fcf917341d4b8bc200874fa848444448fe2f / cacfe622ad02b218cba9c5c6c944eb1bacb8fe8d64ff6a100dc901b4436b2043
GET /wp-content/uploads/2022/12/baltic-pipe-project-map-10062019-en.jpg HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 62387
cf-bgj: imgq:100,h2pri
cf-polished: origSize=69363, status=vary_header_present
etag: "10ef3-5ef10179672b3"
last-modified: Mon, 05 Dec 2022 08:01:17 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1c48c1156ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| gucehooxyy.info/index_files/wp-mediaelement.min.js | 104.21.41.36 | 200 OK | 974 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/wp-mediaelement.min.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (1107), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 8a5c9689ae636c452b6808740ba04136 / 8d2c85d7779d00c12aeb6b55a99443952d9a144e / 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/wp-mediaelement.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2BKXorqG%2FM5JWiGZ3xeMnThTmx9cS2SF%2BGK11PF1ZK199W5IoYolOToiL2eYKQ2DOzmxQasku%2BgXHF5DYaAISkTv%2FMNx4yvkbA5C8cHx1eIWnkel2GENMo3IbBqymR2kJd0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9e2712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| consent.cookiebot.com/uc.js?cbid=e71f7eb9-13e9-4499-9dee-747b3bba4048&consentmode-dataredaction=dynamic | 23.218.92.203 | 200 OK | 34 kB |
URL: GET HTTP/2 consent.cookiebot.com/uc.js?cbid=e71f7eb9-13e9-4499-9dee-747b3bba4048&consentmode-dataredaction=dynamic
IP: 23.218.92.203:443
ASN: 20940 (Akamai International B.V.)
Certificate: Issuer DigiCert Inc; Subject consent.cookiebot.com; Fingerprint 9C:D0:2D:35:87:79:5D:86:02:35:BA:C6:AD:A9:15:00:B1:92:EF:03; Validity Wed, 28 Feb 2024 00:00:00 GMT - Thu, 27 Feb 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65499)
Hash (MD5 / SHA-1 / SHA-256): efa7232b42c346b1a41e9f1489c6602a / 6808e3efcc30292b6708208c9a05550c34adbd0c / 6dec01698bd7318ccee3dae6e824f02ff358d309dbe5a97f21b70a726c903421
GET /uc.js?cbid=e71f7eb9-13e9-4499-9dee-747b3bba4048&consentmode-dataredaction=dynamic HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 08:18:48 GMT
accept-ranges: bytes
etag: "9a398f8ad8fda1:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 34251
cache-control: public, max-age=299
expires: Thu, 02 May 2024 23:17:08 GMT
date: Thu, 02 May 2024 23:12:09 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtm.js?id=GTM-5PXNNL4D | 142.250.74.168 | 200 OK | 72 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5PXNNL4D
IP: 142.250.74.168:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52; Validity Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (3890)
Hash (MD5 / SHA-1 / SHA-256): 80ef5c66fa25543a34d9b02fdad688b2 / 6f1d975b519975ddceb005bedb63f824177d825e / 2631fc493961c557265f5cb233a21306e4363e630b7283fa7d7426d894acf259
GET /gtm.js?id=GTM-5PXNNL4D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 May 2024 23:12:09 GMT
expires: Thu, 02 May 2024 23:12:09 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 May 2024 22:28:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| gucehooxyy.info/index_files/mediaelement-and-player.min.js | 104.21.41.36 | 200 OK | 39 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/mediaelement-and-player.min.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65266)
Hash (MD5 / SHA-1 / SHA-256): e53ec3d6e21be78115810135f5e956fe / 523892839b88351523e0498ba881c4431197b54e / b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/mediaelement-and-player.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QgONpaa5ssgSUOORXydXrWGhq%2BFNQfH0ihhuJndpfYCk1W%2B%2Bd1MyLrU52FkLSYy03T9jNgxtunJnwo%2Blxh99SQTVorsfym7Jb%2BFD9WGc4HDM9NyaVhYbv3e2gi%2FwVnO300M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9e0712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/style-static.min.css | 104.21.41.36 | 200 OK | 86 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/style-static.min.css
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (65192)
Hash (MD5 / SHA-1 / SHA-256): fc5209413ba5559d727da540892fce96 / 2be81df594cf7a107d7189c5a2bb5900e114e017 / fc88a81a336eb3688e71561dc45c60ecda0179b7baea8c51be5b54666e8bb077
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/style-static.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pMfgr%2BlfJNC8a29oMKIl4%2Fp7fiHp592enQkWCxnKjGsLfXqLZ%2Fw%2FAURTEuG%2Fa9KEcROfYRzjuz9zYrHwnTF56%2BgFuVUT36r%2BDuqKRLB1VCJdCUgHcSiJK%2BjjCnw1jM5%2Fp54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c37999712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 | 104.21.41.36 | 200 OK | 20 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{f928aef9-7f24-41c5-bce4-f4261f8cfbe9}?https://gucehooxyy.info
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (19978), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): efeb2542712dce8a2c51cf68396e4a05 / ac9ce350c598644c7b7f6186aaf0368eb077d396 / c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-length: 19978
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ClzybuTYvJR%2BKkQKveXGITH4V014RftXt5kmanVZZVBcJ0nJ5ltoAEmQQaZOETbfqpVIrgwPZdRyYow09hDvZU9fA7CsXosb0mwnJKFl%2FkMsj541YVd5lRUDe%2BtKb5k88tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1ccde5b712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2 | 104.21.41.36 | 400 Bad Request | 20 kB |
URL: GET HTTP/3 gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (19978), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 4b688b03b709eb2d91473bc91389f9db / 0083207973511c5c7d8575bbd136b538896ea3b1 / f2abd45ae8b1ca4b2e5fb5a405f90988dc0b7d55c2595a8a2580bb9bdbf5b1bc
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7jvLSPGSuUPfcb7lCLGRsAXKHxtUcQczJndezwCf7GDt67mSSXCJfwd%2BRA4PXiXIfw0BUMzyKq5S0FJakM89cNKqKNSrSWoPHqR6qHlpBMqt25qocl%2Fz66uBMPvptwzOf8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c9fd04712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 | 104.21.41.36 | 200 OK | 20 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{f928aef9-7f24-41c5-bce4-f4261f8cfbe9}?https://gucehooxyy.info
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (19978), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): efeb2542712dce8a2c51cf68396e4a05 / ac9ce350c598644c7b7f6186aaf0368eb077d396 / c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-length: 19978
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGIbsac3wI%2B9K%2BCxqAxSPTWHN4Pk2QW2L%2B7AhMWO5yjOKS7X4JsosDbwO3sOgLQs%2BlAafJtSac%2BEkzWfprJ%2F4OE0jhjyxI0d8oqWONwrh0D7Zh4vT92rIUHVm%2FQN2FUIJ%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1ccee61712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 | 104.21.41.36 | 400 Bad Request | 31 kB |
URL: GET HTTP/3 gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): 031d74e894471d697c553c45c4c119a2 / f7147af8dd887d304d337eaa56e0ed3f170aca56 / ee07dbe976f4953e4d70c844843572b0f4194932af71f4083724a4cc2564ca90
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dv3xTjnerntQG0Gj2rC6AFYxQLI0t0w%2FWwWvWCSvWyNtAitCGvaAGhKMxhEtlhngoCdhEJdRWsziOVnJhEYfyowapghezGr55B1T2NGEKbe0UcDHxyxiRl0890g7yCrNXk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c9bcdf712e-OSL
alt-svc: h3=":443"; ma=86400
| gucehooxyy.info/index_files/D3S2822-400x250.jpg | 104.21.41.36 | 200 OK | 24 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/D3S2822-400x250.jpg
IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{55c7ff44-8f5d-4bbe-a3fb-8580ed2991a7}?https://gucehooxyy.info
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 400x250, components 3
Hash (MD5 / SHA-1 / SHA-256): 35f6fe3fe27dbb5f2ae4d778879cb0ce / 6d994cb4a23a6387561fcb0d3795835e06a09ae1 / 7b98fc590dc300f35f930a54bad820bb1089ba52e2161d493ab3dc39005c338f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/D3S2822-400x250.jpg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/jpeg
content-length: 24436
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytU7lBItKfupYghqzFx7MksAFNNSDTZAuH66jRz7kQIo%2Bk9o9duK%2B99rk%2F7gJ14LBnBDpCH61o06%2F9LZnliopR7aRTTb02o%2Ba4JGGdVd5ErgD0JYAfqEkfDxxPlFE05SvRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ccde5a712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/gazociag-laczacy-glownea-480x292.jpg | 104.21.41.36 | 200 OK | 41 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/gazociag-laczacy-glownea-480x292.jpg IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{cf14d1d4-9a79-4536-bdd9-cb2f3860941d}?https://gucehooxyy.info
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left, copyright=Finch Enterprise], progressive, precision 8, 480x292, components 3
Hash (MD5 / SHA-1 / SHA-256): 9c5121394464710634448ee667f53157 076c019072e649856eb46d428dfac69188dcfe3f b94ec0d5650e5bd2ce02042da377bead9278b3e2ee4ab8fb77555c9f20ac83b4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/gazociag-laczacy-glownea-480x292.jpg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/jpeg
content-length: 41054
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Udxv%2FVTkqx0AKFH4ugLlvg7icsftpDnyOFkRbz0841vHjaxHpN7DSROaP1r5kWavO6LhvVhGRnSbz%2FuXn3UWq7Pvg2cq4uKVPCf%2BZcU88gajGxe4uU4jlG8Ev6fw0Otfq%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ccde5f712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/mediaelement-migrate.min.js | 104.21.41.36 | 200 OK | 7.6 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/mediaelement-migrate.min.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (1191), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/mediaelement-migrate.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vP32%2F%2BBw64qKzAgLB4CQd4ax8tMUsAwBo1dySaHerLJq8QzROsgxkG4P%2FAqBxDIhHMuw6%2BGcTPmwHtLzhPiVY0GtCwZ0xHx1ALBibZ1zRcbXkCovEP%2BwdpkA1v1Uddek5tc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9e1712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/9EKZ11yB | 104.21.41.36 | 200 OK | 139 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/9EKZ11yB IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet(1).html
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 920x690, components 3
Size: 139 kB (138937 bytes)
Hash (MD5 / SHA-1 / SHA-256): 7b305ac2ba9d4741ff76c90f07bd4064 262d32169b389046a03a609dfca2690861a227e6 1c76f542a6e661d7101ac37d0dea1429c78e2bd57cf9252cba6d26563965f462
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/9EKZ11yB HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet(1).html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-length: 138937
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=313bSEwecftfNfAm1t%2Fxz2qNE09aAExUUMaMOmXzeMd%2FjYdIWsVsUauHuRREDBjQ4x11%2FALkX3qDAmi0Tda%2FJQxXxMg4VF%2BHb%2BvlxD%2BKRtKExkJ95ltLxUxxrUBnKqHEq1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1ccfe70712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 | 104.21.41.36 | 200 OK | 20 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{f928aef9-7f24-41c5-bce4-f4261f8cfbe9}?https://gucehooxyy.info
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (19978), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): efeb2542712dce8a2c51cf68396e4a05 ac9ce350c598644c7b7f6186aaf0368eb077d396 c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-length: 19978
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mJzFvPvwKVSl2tsieGwgdryJb1Ufum09HEGa9ks2xAzVTgpdJLtIPCP5sETarBn8mehqlNs3A%2BXnjOlsXc0rXgQJm%2Fn%2FEJrfx7FZyeNh%2BqwbksYs29xujrs8C%2F08jnbGpe0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1cd5e98712e-OSL
alt-svc: h3=":443"; ma=86400

| notesfrompoland.com/wp-content/uploads/2021/09/58-licences_PUN-980x551.png | 104.22.23.84 | 200 OK | 174 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/2021/09/58-licences_PUN-980x551.png IP: 104.22.23.84:443
Requested by: moz-nullprincipal:{67003e66-6764-41cd-8a95-518faadb5ca4}?https://gucehooxyy.info
Certificate: Issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: PNG image data, 980 x 551, 8-bit/color RGB, non-interlaced
Size: 174 kB (174210 bytes)
Hash (MD5 / SHA-1 / SHA-256): a02a9e0cc3e06747af94eee200a8d319 ae1299b27924cdc8a0d4c6179390beec8aaacdc0 4ac5b059dfcbd0cc6a4f6f4642560815701b8608c0eec917b4923e6d12286add
GET /wp-content/uploads/2021/09/58-licences_PUN-980x551.png HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/png
content-length: 174210
cf-bgj: imgq:100,h2pri
cf-polished: origSize=212134, status=vary_header_present
etag: "33ca6-5ccf6c5c7f86f"
last-modified: Mon, 27 Sep 2021 09:32:15 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1cd5cb40b65-OSL
alt-svc: h3=":443"; ma=86400

| notesfrompoland.com/wp-content/uploads/2019/10/cropped-2019-10-29_1838-192x192.png | 104.22.23.84 | 200 OK | 2.2 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/2019/10/cropped-2019-10-29_1838-192x192.png IP: 104.22.23.84:443
Certificate: Issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: PNG image data, 192 x 192, 8-bit grayscale, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 8f3a85548d33ce79d76f73c9f3ac5027 6b653c0f017f824f4537c4401db20884242c9cb6 ed028d4f38692125653980d4fb703ac1cd97f66d5d68cded4c3ae0f454b2fcb1
GET /wp-content/uploads/2019/10/cropped-2019-10-29_1838-192x192.png HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/png
content-length: 2207
cf-bgj: imgq:100,h2pri
cf-polished: origSize=5331, status=vary_header_present
etag: "14d3-5961017c57b91"
last-modified: Tue, 29 Oct 2019 17:39:06 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 15355
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1ce1ce30b65-OSL
alt-svc: h3=":443"; ma=86400

| notesfrompoland.com/wp-content/uploads/2019/10/cropped-2019-10-29_1838-32x32.png | 104.22.23.84 | 200 OK | 443 B |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/2019/10/cropped-2019-10-29_1838-32x32.png IP: 104.22.23.84:443
Certificate: Issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): b632775edb0123c108db2d906e993a37 21086743bda27be7e86d8d0e5bf4a0a36c1a5f7e 2032279fbdb65c039fd8663d7ea288cce0dd7b9ccbbc35f4fef733082e09f242
GET /wp-content/uploads/2019/10/cropped-2019-10-29_1838-32x32.png HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/png
content-length: 443
cf-bgj: imgq:100,h2pri
cf-polished: origSize=594, status=vary_header_present
etag: "252-5961017c5d181"
last-modified: Tue, 29 Oct 2019 17:39:06 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 16869
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1ce1ce40b65-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/cropped-2019-10-29_1838-32x32.png | 104.21.41.36 | 200 OK | 453 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/cropped-2019-10-29_1838-32x32.png IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{67003e66-6764-41cd-8a95-518faadb5ca4}?https://gucehooxyy.info
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): eaef6eb37ddd3d9703728b6ef782a8e3 9854b2b7f01dbbe18316e6bac910563d1ed4bcbe b859b0719a546ca490204d2e73212a84444d15feef0664f23d8cfb15201712ff
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/cropped-2019-10-29_1838-32x32.png HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/png
content-length: 453
etag: "651d9ebe-1c5"
last-modified: Wed, 04 Oct 2023 17:19:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kzjo%2FG%2BOxyZx4SgZr0Spnwsuiv0JtkZQo9uUxEkBH8jY8Qa0uwgeCInKAW%2FA%2F2adPEF6ug88LlbhI61Ka%2BNv8%2BKWJ87MHx37Gbycgbw7g8sf646jDTT3hwVuM6BK1mcISw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ce1f07712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/cropped-2019-10-29_1838-32x32.png | 104.21.41.36 | 200 OK | 453 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/cropped-2019-10-29_1838-32x32.png IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{67003e66-6764-41cd-8a95-518faadb5ca4}?https://gucehooxyy.info
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): eaef6eb37ddd3d9703728b6ef782a8e3 9854b2b7f01dbbe18316e6bac910563d1ed4bcbe b859b0719a546ca490204d2e73212a84444d15feef0664f23d8cfb15201712ff
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/cropped-2019-10-29_1838-32x32.png HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/png
content-length: 453
etag: "651d9ebe-1c5"
last-modified: Wed, 04 Oct 2023 17:19:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LbjfVKGu2eZCIjjC%2FhbWxiRvkSJ8f6tT8bryJHF9GeAJIrGsxaMKgs8mwAtS9I3MDTUtuAsOap9u3lyeC9bUxXqw0dUffDoKlXM2GEqNH85D36exN%2Fy10h9X0bhwb%2Fnv6pc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ce1f08712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/cropped-2019-10-29_1838-32x32.png | 104.21.41.36 | 200 OK | 453 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/cropped-2019-10-29_1838-32x32.png IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{67003e66-6764-41cd-8a95-518faadb5ca4}?https://gucehooxyy.info
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: PNG image data, 32 x 32, 8-bit grayscale, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): eaef6eb37ddd3d9703728b6ef782a8e3 9854b2b7f01dbbe18316e6bac910563d1ed4bcbe b859b0719a546ca490204d2e73212a84444d15feef0664f23d8cfb15201712ff
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/cropped-2019-10-29_1838-32x32.png HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/png
content-length: 453
etag: "651d9ebe-1c5"
last-modified: Wed, 04 Oct 2023 17:19:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vd3%2BPNJQqqAaeibNXUZwFvOmemP%2BH8CVxfCylA7ukQUsZV25SLKsL2Cv%2Bm96Kz5bPZ1HEQEcT80TqsEA6%2FjaDyZPSMt%2BZYd%2BOOIA%2B9ogyJGpSC9oPPxXK%2Bj2KNclCafE%2B6w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ce3f4c712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/jKfk-JBb_x96.png | 104.21.41.36 | 200 OK | 4.1 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/jKfk-JBb_x96.png IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet(1).html
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 2860fca3be2e482c609af3fbb342bf56 f41dedfe8197650494dd00e0b77679d8529f2bcb 55a7631a819d766add91f5e45c4bdabe68954b923b53e5903b17e6880408cdd0
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/jKfk-JBb_x96.png HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet(1).html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:10 GMT
content-type: image/png
content-length: 4144
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
last-modified: Thu, 02 May 2024 23:12:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SocNPpGiFt%2FIp4uGiKE%2FTsLnWT9mT03TwwzZ9U5tClm5S7MEx9So%2Fnwrm0CWk%2BnS8%2FY%2Bpz%2BVCk6LYLQDHi40XfjDvQoxiIYW83O7qUumwJShvqFVOPdD0scqgtDYIuY6LHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cf1803712e-OSL
alt-svc: h3=":443"; ma=86400

| notesfrompoland.com/wp-content/uploads/2019/10/klabzdron_big_M.svg | 104.22.23.84 | 200 OK | 5.1 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/2019/10/klabzdron_big_M.svg IP: 104.22.23.84:443
Certificate: Issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): 8020588f4ebeae814c85189ce7a9df93 10df6bc3381154bb7974673ed1b7a9078ecc0ef4 f4eec7d8a4b6eeb290ea8566bd5bf3222572e7d27356d70e2ff4eec3dbf9d460
GET /wp-content/uploads/2019/10/klabzdron_big_M.svg HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/svg+xml
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Tue, 29 Oct 2019 10:28:02 GMT
etag: W/"474-5960a1232429f-gzip"
cache-control: max-age=14400
cf-cache-status: HIT
age: 17448
server: cloudflare
cf-ray: 87dbb1c87b380b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Bold.otf | 104.22.23.84 | 200 OK | 64 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Bold.otf IP: 104.22.23.84:443
Certificate: Issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
Hash (MD5 / SHA-1 / SHA-256): 1ffc5df5fe8cd3a51fd8aa1f0b628888 412ee2441b01c8277dc92a9b14aadbca5bb0cf41 392d7711c0f6d9ba568c8b0838593107b53792802fc185aaa03f33a82dcfe754
GET /wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Bold.otf HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gucehooxyy.info
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/x-font-otf
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Tue, 22 Oct 2019 13:41:28 GMT
etag: W/"f8c0-5957ff5187e40-gzip"
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 87dbb1c9cba50b65-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/1f1f5-1f1f1.svg | 104.21.41.36 | 200 OK | 7.7 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/1f1f5-1f1f1.svg IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet.html
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): db99e1f10b9b733e13f049300bfaa93b fca0605b7d018ea7d29efecbb7331f23759df641 9f82a0527b8126056d5717789e98aaa33e07c9defae573be6d29e26a7d0ea168
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/1f1f5-1f1f1.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet(1).html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:10 GMT
content-type: image/svg+xml
etag: W/"651d9ebe-e4"
last-modified: Wed, 04 Oct 2023 17:19:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAX18ZMVXScUxlqUmNVs7ODgsPk28fiOVSBoCFyXWsMObcYJJk66%2BMkn%2FKW9KRKl0tmJXRqfw1CRyfl%2FHO%2FH1aKlAMaLdSgUg56mFgejyHjbCPpmoUvTQvKTa%2FOZ%2B0MfBcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cf2804712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/saved_resource.html | 104.21.41.36 | 200 OK | 7.1 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/saved_resource.html IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (6939)
Hash (MD5 / SHA-1 / SHA-256): 9f338ca86defed3975d788aa49a41549 cabf8eaa2bd2b154d5d8e6e193cab57b665e2939 bffcbaa9ddad7d4f052ae69dad83def3e36e82e5f17b15b0acff57d07b56efe4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/saved_resource.html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBAQWT6nU07FKvQOs8PpDhfZEvSYliQwgannos1rmTUN6x5e0Fq72KcWe%2FSp2gX3FVZkpsShNlGP%2FqHT9%2FMm8FFlQGqaemo7sC1Od6o%2F0atqVa9SdVqRsI%2FKobRee8SF%2BkI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c80c0c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/embed.9449.143d97ea3ade6f4824dc.js | 104.21.41.36 | 200 OK | 167 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/embed.9449.143d97ea3ade6f4824dc.js IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet(1).html
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Size: 167 kB (167322 bytes)
Hash (MD5 / SHA-1 / SHA-256): a096d4d712d8664b5f72fc16777f624e 44cd21c14421d98a070e97b691cd9700a4c2f438 d821142be15916ca24d5c5257de8c518b37021e70b346af8e96cbd3aac5a1971
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/embed.9449.143d97ea3ade6f4824dc.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet(1).html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 May 2024 23:12:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3h4RWJ%2FXjDsQRt8dlP8XJfP2c3QybHdR1CvPEIZNprI%2F2lil4J54h8eY7etcsb%2FWnKsBpt4IH5yfIF2hpy3nE%2BEwafh2pMqDhZysBVU%2BuC%2BNFbqafkRRC8oY9uWXSvkMP9k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ccfe6e712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/fonts/monarch.ttf | 104.21.41.36 | 400 Bad Request | 108 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/fonts/monarch.ttf IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Size: 108 kB (107862 bytes)
Hash (MD5 / SHA-1 / SHA-256): f1ca7420c75295af5f1e43520af6f1e8 4697c355933d1875b202627737ae74131526a1ee 3c29ae3d1a6ec707d9ad8c75ec1118da29ebc485aa6d5b898c2e913ab904c9ee
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/fonts/monarch.ttf HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/style.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJ9u0%2B98tZvIf6Hd4UjEM5gl4gTNwWdwOXnCfpVNJVsFoLAqNA0gnvalL4LzmUxqHB7D16GH09vFrhroIvFY8nrOfQ59krZvVd%2F0MFI3rSHEKwk%2B2%2BfQiOvBPFgsROgUkik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c9dcf0712e-OSL
alt-svc: h3=":443"; ma=86400

| gucehooxyy.info/index_files/widgets.js | 104.21.41.36 | 200 OK | 41 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/widgets.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (38752)
Hash (MD5 / SHA-1 / SHA-256): 9e99725b7a4cd730a934afba2a438bb5 cca18cd298b243e672b37ba6e6927bec865dd742 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/widgets.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2F5cKRUkkGnKrwreRltPeN18T0%2B7QrOfN1f7zQou0yFHPixQSkYN32%2BEbDgAuHAYjhii4HazdquQwsKNfNO0R47YnvGv2F4XV2HLKbefPE7kruALXj39WmQCJ28nICtydHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c7cbd6712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2 | 104.21.41.36 | 400 Bad Request | 5.2 kB |
URL: GET HTTP/3 gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): fccf46feb9abdd0b1f0edf109b8f96a5 4c687404979f86acb680cd963a5bb2d33cdaeb57 8b1165c177417fe41fbdb115cb7810af97ec59becaf95de7df45dc77a05a617d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts.gstatic.com/s/opensans/v36/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:10 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pU5Uy%2FHjt44DKHjzViMTHZ4jyKWPCdIRwY0BaDLLfqDM9arVALTO1vMuk%2BCoR72aDhu4BW74gASdPRPF2dfT7hoDMfs5D9xokGgcjrmwkQu830Um5LDFSahf%2FCOhAgz7xPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1d42a77712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 | 104.21.41.36 | 400 Bad Request | 3.5 kB |
URL: GET HTTP/3 gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): 45de121a62e58563988c7bba12ad9a0a 31f670c50021fa53357f3bb10950bdc2a6b8e606 6c267978eda4280817a57c94adee60a81cd97dcc24460216dc1d85597856a02c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0ejd82tOOW%2F8uyk%2BzuolPLztW04w2uWOeWkO8TGlHvv98hemBJq3Gw4fynjvgsGDjzURjHUrHI%2FCnrucBxvZotdPprrG6BUYhbszvSHbKFNXreOT4hyYmuF7JYM9Ywlo%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c9dcec712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/cc.js | 104.21.41.36 | 200 OK | 379 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/cc.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (379), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 5842f5fe8dd6d2769de7ce334fc79c19 236a21f2863d592914557ba6e878ef8e6c40ea47 5047943e63453ef7e7e2dbb2aea0a1b5145824dd9f798fad3a2ea25a11a89ebc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/cc.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
etag: W/"651d9ec0-17b"
last-modified: Wed, 04 Oct 2023 17:20:00 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsmIfxdt%2BZ1Z802W8%2BSjAhZ9YTlMSEmBcD%2FI9Y8qFY4js2b%2FDZ7kNO6R4htiKImuceqyAQ7N343EbBPoKaZkfTuXRQ0ksApDXGFzqHcwFIEJjVdytqR07%2Fvn%2FsFvb%2F2XxkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3597f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/logo_stopka.svg | 104.21.41.36 | 200 OK | 1.1 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/logo_stopka.svg; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: SVG Scalable Vector Graphics image; Hash (MD5 / SHA-1 / SHA-256): 19b5e4d5e42a160c50d63a763e63fac9 ef9b511e312c1be219bce0a67badc69fa01cfbaa bb7b18ad28b49df0a0ca3dd30523141628fb3dd6790c5fe6104a9ab9fb7ee1f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/logo_stopka.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KOy%2Buzv5nIPSgWqBJiSLaHEuPymkA3d69z7AGiJOsuc%2FQZrv1HquvrSITaodup25FPNRDuTqEAQZnP61YbQ75JN4J4FQBXY%2Ff2ITDwggCH971rkbdRmiwFDo%2FUOhkDljPF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399bf712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/Tweet.html | 104.21.41.36 | 200 OK | 22 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/Tweet.html; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/Tweet.html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPcAZPyK7v8M0C%2F9%2F2uv1E3Twvb1Oa7EULzNYtHp6i6FQEsohq8u%2FP%2B0741iConLC%2BYOSKQdiHkr2mZUGl37UEppt2zOL4nTx5OJI81kUHZFVUhpkyeewOy95nAfVfC5zcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c7fbf8712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Montserrat:100 | 142.250.74.106 | 200 OK | 1.8 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Montserrat:100; IP: 142.250.74.106:443
Certificate issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (1849), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 9d6738899527d728b3e2221180de3c12 c671720a5866a500f2ac0eac71064078708f1230 06af7c4adad9defe1b2accf8a83cb79af79ceb16a6d0077a82d69ed3399d6582
GET /css?family=Montserrat:100 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 May 2024 23:12:08 GMT
date: Thu, 02 May 2024 23:12:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| notesfrompoland.com/wp-content/uploads/2023/09/CA091031_016-980x653.jpg | 104.22.23.84 | 200 OK | 101 kB |
URL: GET HTTP/2 notesfrompoland.com/wp-content/uploads/2023/09/CA091031_016-980x653.jpg; IP: 104.22.23.84:443
Certificate issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left, copyright=foto-szczecin], progressive, precision 8, 980x653, components 3; Size: 101 kB (101326 bytes); Hash (MD5 / SHA-1 / SHA-256): 50981c174a2e73ae72c3ee6463e4f4cf ee7b69b379b370bc819dd10a2a23b6fe85148b2a e54485937d4f63e9ea82e06046747a863bdf81d427c557267bf43b9d4f90ca42
GET /wp-content/uploads/2023/09/CA091031_016-980x653.jpg HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/jpeg
content-length: 101326
cf-bgj: imgq:100,h2pri
cf-polished: origSize=131544, status=vary_header_present
etag: "201d8-606567aa8c1a2"
last-modified: Wed, 27 Sep 2023 12:39:15 GMT
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87dbb1c48c0956ae-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gucehooxyy.info/index_files/idle-timer.min.js | 104.21.41.36 | 200 OK | 2.6 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/idle-timer.min.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (2703), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 9061aa7f72eb02994c7d02b0a7db904f 8b1da5d9a444f842403cd7e2bb5c9409b28132d9 e6a9ca699b75134a14c7af8c59d122625095714a3c31fa75140f83e1b3cbc8ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/idle-timer.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Q7QTwPw4QK0mKymeFUWXrEYUPthHKUOXxRZYUIf2znoaPVZxt90sdRUVaIYoCekUYokjDYo7iIU9dDvW881TSGDNJQpGwoKJZ%2F9x4RKy4XPfqJxtk9nqM6GK3QXzXedoi4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d2712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/core/admin/fonts/modules/all/modules.woff | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/core/admin/fonts/modules/all/modules.woff; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/style-static.min.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U5l4MVWl6TGpMhzXFdCFzi%2FJ5Z1mm3OYDmAh7DU6DbTq1GFbnNPlYcOXPlEq1j962XAdJtzndODST4lhrPBDrJjBUk%2FtDohtkTThW3alxrcxGDJ7fAPmby8XE0ERYR0Ahuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cb7dd1712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/regenerator-runtime.min.js | 104.21.41.36 | 200 OK | 6.6 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/regenerator-runtime.min.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (6777), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 4b5583c1e3d9c4f85089eebae5b0ea63 8f1a4ba1dabf9fb35cfc2a2ebd08b93a91c0923b 4c4ee791f1baebfe9e127c3341a2eda8e6e8a5debf27d91fae8c04cd2adb1527
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/regenerator-runtime.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSE8HFadbwdxeH6NV5q57I1BbaafofM6E8Turm007XPAUAiJxrBrRL9YExx3u9r%2BlGhYsXl8ZnuITDR0t7Ucr1lilWjqMbxzkEKO6RDwfnQ9nQNKIDDY4mCMHOQSGabbT6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3799f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/mediaelementplayer-legacy.min.css | 104.21.41.36 | 200 OK | 11 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/mediaelementplayer-legacy.min.css; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (11256), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 2b0dd7eecea03b4bdedb94ba622fdb03 703becba85161118dd6fc66af465428ef43f561c b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/mediaelementplayer-legacy.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F14UgTWfNKgeleB0ulK4KrNudupu8v3FRcIQ1%2F5Jrz62mEU6cmzJIVTY5Q3vy0QupW1t7KxGsWTF7u4QfLYLc2Fq%2B9DRUFc3LmTRgnWZ22d1373lK%2FyJIHfgi0EmhH4wDLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399ca712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/core.min.js | 104.21.41.36 | 200 OK | 21 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/core.min.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/core.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r13h8rjHJSrOVFMoOfPKnmrdnFXC7DktSextBewZyW8UrGvxEVCFj%2Braf02LAuh4FKnV5QTYLw0OoJcDpQeOCRhNIGpt3YlNk9o8z%2FfXWgbGKh%2BjNaD0YnoC36b9xIqLGm8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d6712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/shortcodes_responsive.css | 104.21.41.36 | 200 OK | 3.6 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/shortcodes_responsive.css; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (3559), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 778f97aab3cbd8eabe07418f1ca68e7e 8caf55ad960cc7a05817bbb1ba2ac26d6eecf713 4539557246be93501e31f1c804f7cfaf317b71387937625e9ae103e6b8d2d920
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/shortcodes_responsive.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jEZ5Gyts%2BOfJAtfWjAs3CLud7qwwv%2FqYoKDtfgqrpYI46biyo1Hfw%2FxrK34GfaR7v2PvciAQoAUQXXSMqaNqXG42n5S2B58wXffs%2FEdI2ZXbhL5ahW9hitPx2isEFrREMNg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399c5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/site.min.js | 104.21.41.36 | 200 OK | 70 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/site.min.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/site.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6HCJJ6fZbNWprHb%2FRyjdDeZT8L6YDRqiBjLneVlFZXPUKxgRxPstBp%2BD1VDBpTtead9dzu4bspZ8o52GSJMhUBCb%2ByMbQYO6nSwxDQ%2BzERvpQb%2FLhZVcwa6BJ3Q6fOW8hQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d7712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/common.js | 104.21.41.36 | 200 OK | 898 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/common.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (904), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): f7bc839fa20ed9867fe0c96aa4b8731a 3ba49885a233ba3338df60821ede1f97f4b13c01 7a8b2e9af4fe1888a28bce1dcbd7329c40af0c94391aec2023ab464f450cdb37
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/common.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
etag: W/"651d9ec2-382"
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ce7Hx5ak72XR4tkQCcVQEcoCffI8ZyNVNvCFGih4y%2FBj%2F4v3zqf4UiugN6h5YQ0fpDgIDhD96RHKFXugamvOtDvuqZKlxDi%2FQmM6zjSnYP6%2BWib%2F9ZtAkIBqeSG1guKHMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d8712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/easypiechart.js | 104.21.41.36 | 200 OK | 5.9 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/easypiechart.js; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (5893), with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 6e16a4607abfd365fcfe067dfd0459c7 b982b9bd246a9aad3bdbbb37870dcc9809f727b6 3935fcdd486e1374353031215db3d88ead627676671d0decaf983aa333727041
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/easypiechart.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0tGuuCsmpMWnOTavp%2Fz1Z6wpejeRbkxL6MXDqhJrHkeIrZcLRhrYnoZnlTHpxNVEcWF%2B6cnPOkWlZUbnPESSvsPDQ7BhPeIkvyjnTqNux58%2BocStt7FdvdUBzYgrQLal2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9e4712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/Tweet(1).html | 104.21.41.36 | 200 OK | 22 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/Tweet(1).html; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/Tweet(1).html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQ3abECmChrhbm%2BKQAtPXzI1%2BSErvnEf1Cto8FIkOQ4NoLc7b%2FvNb3DgCH4yNMFHSsbTrOm1VZaleFEuf5G96UA8aeBaMOfrEF3gdmehd5ca%2FTunESuIxWeiLgcUUKTqjbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c83c25712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/core/admin/fonts/modules/all/modules.woff | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/core/admin/fonts/modules/all/modules.woff; IP: 104.21.41.36:443
Certificate issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators; Hash (MD5 / SHA-1 / SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/style-static.min.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2DZll4zHIwHaiH%2BqjmmmzgqoB9Ibl77Lad3cyuBac4JWmVO42g%2BjeDPY2wdvDFYMHrKRXm8C5KG04EC4FKb74cyalupMETzfKZ5Gk80gSu9%2FLskSEqp7SvmOEk6TFNQl%2ByM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c9fd0a712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/saved_resource(5).html | 104.21.41.36 | 200 OK | 1.2 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/saved_resource(5).html IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (1277), with no line terminators
Hash: MD5 65876f0f905bcdd9a16883c57c32f4c4; SHA-1 c4333d3f5d7b959577c1d722bac5f57f88f1854d; SHA-256 c7339864c7f3103429a052beb6e9773b9db605030c05e3bfef469ee48162f936
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/saved_resource(5).html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7e%2FSXTi60tyBJnvIZ8Q4EeCABNLOt5H%2FfUHAaGDzrmjas9kfwDy6SsbvSSFCS33DI42InbXj6IHY6%2Fwk85H7OqfIadYRznUMCd1e%2B5XgAFRvcHNzLsjaNXUiQJTPxwAZEZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1cacd7c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/jquery-migrate.min.js | 104.21.41.36 | 200 OK | 13 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/jquery-migrate.min.js IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (13326)
Hash: MD5 5cfa2b481de6e87c2190a0e3538515d8; SHA-1 0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68; SHA-256 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery-migrate.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8hOi2NPYhzJBlMYHLEzFSJdz5pfXPQ0PBiOwtoyVLHz9r8M5ugdTdy9Jq%2BHycCOoBeZcH6pZ2VVdeLykvtVAntLunGAdoErZ7Gxrm%2FaryXJdFnOAV6rAPFnpMOGOVNXt0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c379a6712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/saved_resource(1).html | 104.21.41.36 | 200 OK | 21 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/saved_resource(1).html IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (6939)
Hash: MD5 904a1e00de0fe082c94a7a4ffedea209; SHA-1 4f04c3ca42fabcd766ec0a62e889e9ae8bf77da1; SHA-256 eb8690f641a52f206ca15d83b7fa7474d6ff1fbe4ddf7d4b03f56483c4446d5a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/saved_resource(1).html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNhsUoK06eskgsW6DMtDvkeh4UxOiVqa8cbimSTbhLP9ocQPYypOQsEdD0RETqIWsfCAudMPHTGzJE%2BRzcRcvxazpx0AbB4IyrWgXjMqkaW6%2Fc%2FatrXxsVe7EpjlNczeXAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c80c0d712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/wp-content/uploads/2019/10/znaczek.svg | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/wp-content/uploads/2019/10/znaczek.svg IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: MD5 5bee7066f7e028cf5cec82960f8d0afc; SHA-1 4c59ad33d9e44cdb9b700ca07618b679208dbe34; SHA-256 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2019/10/znaczek.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/et-divi-customizer-global.min.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B9xKxj9feFv4Ite%2BSveO%2FfDwPs2i4pR0DrXuns4epyWDCnpxCiSaxLc5GdLpcv3TMKI4A%2BrqvCjQKwrZVfCG8o3yNyeGT4%2FPt3AMBxaN04BRBX7IfyPmNZ%2FPX2sHaI2VIto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c86c39712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/style(1).css | 104.21.41.36 | 200 OK | 13 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/style(1).css IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/style(1).css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NttgYHaQh5F3GEBgYSoUPHeACjJ4ljmw%2BprG9Wn9VbU8wkpQyiU%2BAVZYHdsU5s1ws%2BLPkbaidsm5or0mcHbx933HQR65uh7hQDTcuUxsucrCw7%2FQRBENopXtHSZnFziLVh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3799a712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/embed.runtime.134756fb68200110af56.js | 104.21.41.36 | 200 OK | 9.5 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/embed.runtime.134756fb68200110af56.js IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet.html
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (10009), with no line terminators
Hash: MD5 9554040cebbde2a652f71fdc8127ca24; SHA-1 c23d39086803206d62837d31ebf3dabeaf08a5aa; SHA-256 29b97b7801202a9c3832f34443d3a5cb3cc67a8191201acb3d1662e0160a4358
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/embed.runtime.134756fb68200110af56.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet.html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UUgWeclw%2FTLbhI4ndYQdLq%2FcEK54yYQCknqA%2F8v%2Blf1ZyqMEHlTbjc6fM9zYG%2FyGv34vK18ouoMspw1X70O1UeeaxEboUANdKBhSBJXvStnxTnP0nGMePUprevkco%2BOoI24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cb9dde712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/fonts/monarch.woff | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/fonts/monarch.woff IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: MD5 5bee7066f7e028cf5cec82960f8d0afc; SHA-1 4c59ad33d9e44cdb9b700ca07618b679208dbe34; SHA-256 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/fonts/monarch.woff HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/style.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IgICXhWT3DxcTHMdzs2fZ3%2BAjeugpN1Y7%2BMAnny1weRa6g1AO6nks1qJiM4Z0i3ESTqSVRcstHgiN9ohUbCmgq4AXeS7%2BW6OzCg6nYNnUfBKSHMtm7s%2FghL7x7Zix4XPjRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cc7e30712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/style.css | 104.21.41.36 | 200 OK | 104 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/style.css IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Size: 104 kB (103734 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/style.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAV15nv2ZvSXCmT0P5H6Vxj2zAztsTF52BqnAjApi6apeTKDRWP6QnMdsDiEzcJHpchrBCrM%2FDacM9GO8QzT3i90YmvJk4L8cDl5XPvdak0iXTje15w1tISr9fdHnaCS9cw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c36992712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/et-core-unified-deferred-50243.min.css | 104.21.41.36 | 200 OK | 1.3 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/et-core-unified-deferred-50243.min.css IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (1273), with no line terminators
Hash: MD5 a29660a7786f57b093ee40a96bd4643b; SHA-1 d27bb24e6376865d3af00a99ddce6e1aca2c744a; SHA-256 56834791165e9ef1949b917af9d266a3916ccc19b82d3d8f1e12334f24423172
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/et-core-unified-deferred-50243.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFC%2FIYlejbkW18EHKiHEU3%2F%2FKyjgI6IX3Xh9QQWHSRPtKuXwXv5WbsMxDfcaYhqfxeSDrzbPikIPnJjUinb7D5f7ewyZLXGsE64OZrHBm7sBfa8tqSgWwLXMFPcWfq1ugHw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389b0712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/et_shortcodes_frontend.js | 104.21.41.36 | 200 OK | 12 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/et_shortcodes_frontend.js IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (2460)
Hash: MD5 9f63e7cdc915e340f10a13728f8197b2; SHA-1 45c16ecd1f181990ad99a0cc89829afdd78e08be; SHA-256 da4ccff073185f0b8b1cfcffc1c353b003b632514a851062c0b18aebf0583d18
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/et_shortcodes_frontend.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v297RX8PwmVqdCQ%2F1E4Phdmt5f%2FFXuApNtzqFeEzGVjy64b4q9D6m55mCSf6HaEKZliGU7Pz%2BN0T8UVFCOSzy16Ppz4FmywnylssHHhvY%2F0s9260MITzcx8mujxTG0AuXfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9dc712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/i18n.min.js | 104.21.41.36 | 200 OK | 10 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/i18n.min.js IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash: MD5 8cd696505481e74ffee89b4995f37379; SHA-1 ee9aad199ef2bc60a3460f4c52f37d22907b2ec9; SHA-256 01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/i18n.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9kGH3PBtTPpoDsObKTC2EMlVZQ68ttDMsNYgkUJdvfaAqgrzIsj7%2BYAmwNRDk%2BrKlpebMdOShMY5ru7RVDo0yejvA9SnrMQdLpdn7wPMS3801jLzv6Z9C9g7Ai4WEDVKn48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389ad712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.21.41.36 | 200 OK | 1.2 kB |
URL: GET HTTP/3 gucehooxyy.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash: MD5 40d981045a7516cdadd00e8dccc9c58d; SHA-1 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3; SHA-256 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rVBCg3FftzJFjixGIJOgNJ%2FzDPzCCrTk6fURUXvh9JraoEmFVugI9xFHwytA1ue%2BUovcxfZPM%2FAiBfZp12GS2iodvQe9cTiLyl9SWbbLmvuP8coekLwMCeAWausZO6podAE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9cf712e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 04 May 2024 23:12:08 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| gucehooxyy.info/cdn-cgi/rum? | 104.21.41.36 | 200 OK | 0 B |
URL: POST HTTP/3 gucehooxyy.info/cdn-cgi/rum? IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 25015
Origin: https://gucehooxyy.info
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:10 GMT
server: cloudflare
cf-ray: 87dbb1d42a72712e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| gucehooxyy.info/index_files/facebook.svg | 104.21.41.36 | 200 OK | 3.5 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/facebook.svg IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 83362f85da868fc0d4060261b156538f; SHA-1 ba15d55f82ed6f31ff7cffd9f110874a92d8d794; SHA-256 505670cd0f5e93d5144cfaf6ca4385dbc7add5fa437cff24c3900ec7dc12c61a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/facebook.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TY65PeRpBZzu2aauemLCOLluxIm9lRQFy2p72CKHGklW5%2FLD6Pd0t5DlqlItV40x5y7daw%2F1Lkid7AwWVZoF8a%2FUib1rSx9S6uXX5fOqXwJxnSevWsc%2Fh%2FLMW1JrEYY%2BTo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389b3712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/uc.js | 104.21.41.36 | 200 OK | 109 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/uc.js IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65499)
Size: 109 kB (109353 bytes)
Hash: MD5 6aef54379c1449e3d57ca97d88d43151; SHA-1 4fc461f5d891395e6358f08ba1ee8c1f5e2e57ae; SHA-256 02b9de7b7bf138e700920ae29919c78cf2188a5725d20499e79225860d164a67
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/uc.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OVU4wDPCj0PGcKIpeg0Vz9DjINL%2BzV3RCovVaxMX%2BZRjSJm7CHWxIuL410Uody7aLvo3q11TQ9VrWiMuq6CtpOcCl%2BYY0vlEu5c9564k1Cdgh5fXLBVdgVh4Tp1MQ%2BrPEOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c35986712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/wp-mediaelement.min.css | 104.21.41.36 | 200 OK | 4.2 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/wp-mediaelement.min.css IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (4186), with no line terminators
Hash: MD5 ea958276b7de454bd3c2873f0dc47e5f; SHA-1 b143f6e8e8f79d8f104c26b0057ef5514d763219; SHA-256 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/wp-mediaelement.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81yJLAqiXhgrLQVbDacgcDLAoc0R1Icrg5JyrAn1VG3x2q9s1%2Ft%2FentdcR%2B%2FcWrdyoG3deFpp%2BneFP%2FVPrNWHUCBgU4c4zLL3StjCGPS1JgfMCrvmMUXUWpUfBtp1NX3NcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399cb712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html | 104.21.41.36 | 200 OK | 328 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Size: 328 kB (328348 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vpjlmDy4gjUph%2BSq11GRXR3SaLjqlMkbtX9XgXk4PQTDgZych0LVLlU4N%2Bv3mOLgZ98DllTlPfMP4u%2Bt64UdVwFzkq%2ByvA3Ovgzl0CboXQqxia7IjiKvGDuXpSEglnwfSNk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1caad6b712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/pagenavi-css.css | 104.21.41.36 | 200 OK | 237 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/pagenavi-css.css IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with no line terminators
Hash: MD5 5c349c7e163b8c5dd1bdb722602b899f; SHA-1 d497becd8fad03cfde90898149050a90985ef449; SHA-256 ac653be90fb56d873b635506f8b8415893d82e0d60c2eec2f911b2ba15bf374e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/pagenavi-css.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
etag: W/"651d9ec0-ed"
last-modified: Wed, 04 Oct 2023 17:20:00 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKFHMK7ZSGGpAmwmQiWYQ%2FoI8ICQVl%2BnOQuWA19Y8W4G1Qn%2BUdtZxYNk1p0IwAMPHNkI3lLJdV0zwoJqOWZhtI1A83sybz0jc8X8wUYd7welXzxGAftX5zsaJID7JVe4M7o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3698f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf | 104.22.23.84 | 200 OK | 62 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf IP: 104.22.23.84:443
Certificate: Issuer Let's Encrypt; Subject notesfrompoland.com; Fingerprint B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
Hash: MD5 ccb2d921e703a5d928911d6cfe12dd29; SHA-1 283584a8b17cf8ba3496ab48874f40d5689b594a; SHA-256 6bda076e2fc5d038fca63c670a0eeda29e6084feb17da0f5400228fba23cdeaf
GET /wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gucehooxyy.info
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/x-font-otf
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Fri, 04 Oct 2019 11:21:14 GMT
etag: W/"f0d8-59413e66cc8fe-gzip"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87dbb1cb7c280b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/frontend.css | 104.21.41.36 | 200 OK | 4.6 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/frontend.css
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: Unicode text, UTF-8 text, with very long lines (4598), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): deabf9b2d5fd4d18a2437563a5dafaed 3cf0c149ecb0573b49ed1972b1f8161b62724427 ad78873c9b0951c99b0eaa2ec9704271f8b8032ff1debd108c4b5af8639bf62e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/frontend.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbyIx2GIezgBuMo0aoichq%2FvOV2rrNaHL6go9wv0IH5w%2BwFbR0RhbuRDPygAifb7wiN8YeT4lC34g4uvLW60HacDjjNP3I57dBa6yG9gRgs03GPl3t%2FzQdC0zTinBwHpCEU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3698b712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/logo-1.svg | 104.21.41.36 | 200 OK | 7.0 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/logo-1.svg
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): cfee89ab4fdd0703757e28163502de48 a6dd42c414d7a9cf00e1c2fd4de80c3deac5b87f b2289979e762ab683d02d35d13cf89d584cd80ca070c5540e5a594e38b262085
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/logo-1.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BRtTaK1uXAH0XI18v%2Feg2R7dxWS9ojZHvBg%2FFZ900ygO0hh8FNCBu90vEx9ugAOJxRBgZ5CBWggTmRyI7XCsTNICirr%2BHTBB7OItENetMYPb9XVYF0qHE0366FOVfZHBtdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389b2712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/custom.js | 104.21.41.36 | 200 OK | 20 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/custom.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (1645)
Hash (MD5 / SHA-1 / SHA-256): c7d3a2b156c4894e53d2deb54ee3a209 939d85dfa3b4f8109349f48e5b1bb92eb38ca511 7374896f3c29adae8329476ddf22575f3914d9d16c3aacb522f612ee96ae82c9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/custom.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lr20swACJeG0FkDH0gIGEZwDXpjX%2BeYKdKP1gV42X6uz8WFe7z08XGG%2FPARIa8438p036gFf%2Bq6gYd7apy5RdLrORHR%2Bn3ed56e4HydkqrPvRh9eDmWkS9r8%2F1uOhgtqtqk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d3712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf | 104.22.23.84 | 200 OK | 62 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf
IP: 104.22.23.84:443
Certificate: Issuer Let's Encrypt; Subject notesfrompoland.com; Fingerprint B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
Hash (MD5 / SHA-1 / SHA-256): ccb2d921e703a5d928911d6cfe12dd29 283584a8b17cf8ba3496ab48874f40d5689b594a 6bda076e2fc5d038fca63c670a0eeda29e6084feb17da0f5400228fba23cdeaf
GET /wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gucehooxyy.info
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/x-font-otf
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Fri, 04 Oct 2019 11:21:14 GMT
etag: W/"f0d8-59413e66cc8fe-gzip"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87dbb1cb8c2c0b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2 | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:10 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBE4vlogPfI%2B4s1HJi5wXe6BmsUCgQVlknz7FZuoVosU6gnrjl65P3yuiitCYOvjMMl4ZHrqwiH1IcW7TuMG7UxDKb5M%2FLul5aMprfCd75NjfSLc88OjHidfxZx9cyUnt%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1d42a79712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/jquery.min.js | 104.21.41.36 | 200 OK | 90 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/jquery.min.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash (MD5 / SHA-1 / SHA-256): 0e850a69bc7fd0acc2e92ce6eee87959 8be6d9e7f7a61ccf0b8eac8a8144d770b608a19c afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=75AjjtbbIQqO8uzSsY9xOT%2B2dsgLm7FGPdCsAyg8MfKgQsfZG8BE4JREfpGmASXnCwopFE%2BCN27%2FFob2fzjOBXWmx3dQcm73UjnuNAS9dIXAv96YqUJ65ug3havXvtYqu9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c379a5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/tankowce-11-400x250.jpg | 104.21.41.36 | 200 OK | 31 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/tankowce-11-400x250.jpg
IP: 104.21.41.36:443
Requested by: moz-nullprincipal:{f928aef9-7f24-41c5-bce4-f4261f8cfbe9}?https://gucehooxyy.info
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 400x250, components 3
Hash (MD5 / SHA-1 / SHA-256): 73f05fdb02068297f8f03889bd368522 b3c0148a54bb453b315ac22650c37bb919d750d7 babdd5c42d76d3ff5848b7859dc84dfdfd299a707f586b507556fdf4a3672fcc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/tankowce-11-400x250.jpg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: image/jpeg
content-length: 31033
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISGteb6mUmg6uIUfLIy0cI0hel%2FA542rq7I%2FKdcYJUM7wYSubS1ULqz9LmctcTmyLkF9P30jcOeavMxKLK%2B7jFhDTiF1Sgupi8uFURbz1VeNsoKOgXs6TdHhWlV2BAlBLQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ccce4e712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| consentcdn.cookiebot.com/sdk/bc-v4.min.html | 104.110.3.72 | 200 OK | 627 B |
URL: GET HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP: 104.110.3.72:443
Certificate: Issuer DigiCert Inc; Subject *.cookiebot.com; Fingerprint C5:D6:6A:4A:59:31:39:1F:61:62:EE:67:A5:86:C9:58:0D:82:69:6B; Validity Mon, 26 Feb 2024 00:00:00 GMT - Wed, 26 Feb 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (643), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): bf55a8762133f6732494737cb1167c29 581b6f9a76ded2bf1d5d6c347cd3abd0a92b1bce 288b48aea2d122141e10f310f8c9f59c5b75bd2be7619bfc5d7fb18ab3c026da
GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 02 May 2025 23:12:10 GMT
date: Thu, 02 May 2024 23:12:10 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714691530742_388255644_269609024_40_822_2_12_21";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2
|
|
| gucehooxyy.info/index_files/pum-site.min.css | 104.21.41.36 | 200 OK | 7.5 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/pum-site.min.css
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (7454), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 3ab705ec477e79810ee37da1a88d028e b7216e8c58b9990f58b8670f9a3374cbbad4d859 00c79f73596b16ec7ca8129b4764e00b28a6d63c2750998adacd4570b176a232
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/pum-site.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JgDNiJT2HScVGMc9vE5jsLfwN69eXdYnpuym8XUau3ImiP8QiylNItdKhNfrh7cWb8bBlLpB9H8uMPUH3Oq8G27bA8PAGwf0ECAfXKjyE1Rw5LV8RoVjCMpO4lSYVqItQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c36995712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/wp-polyfill.min.js | 104.21.41.36 | 200 OK | 18 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/wp-polyfill.min.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/wp-polyfill.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dx0Q22Xh4bXZHxSriYVbuXQ5QgaUd%2FZpHdzy55Ifv%2Bt5cZd%2FEHU9cdOpKLZzV8nXhrOheE%2BA92RQmAs8eHylleb3BFIo2KZvBwSd6s9LcMtS5CJjuWtYvjRiKYABIOOP0h4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c379a0712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/et-divi-customizer-global.min.css | 104.21.41.36 | 200 OK | 28 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/et-divi-customizer-global.min.css
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (13835), with CR line terminators
Hash (MD5 / SHA-1 / SHA-256): 242ec02be83c27a03b43209781034cfa a4863f41f675d403103bd9fcc6f0ca98e9b97af0 14a207601ee5a1e4559f9b5fb3a56497bca7af61f11aa4cb2d31ee4ec5d01406
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/et-divi-customizer-global.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhX0G8Z1y1DgfZHjpdWz7HB1TvBRwgW0w4ZIWe9ND9448mQu7DzTm7N1a5Cmm5hZvVmleB%2BYVlWmtxqxUr%2BkY8GEy1DDIVh3v72xsjA%2FWJKmsetzVMR7m6aRORYRVfUYYhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389af712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/wp-polyfill-inert.min.js | 104.21.41.36 | 200 OK | 8.2 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/wp-polyfill-inert.min.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (8365), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 08e6714eaf3cfe8f3c7839f22d90ba4e 94fdad68854d0d3482b877aef7ba7c2eb265c621 e424039d5a737a1bda8a5ded60919e5067085729310762eebb09c20e07d249c8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/wp-polyfill-inert.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CtjzemvYgy3Svls%2BAJNXuuNv%2BB82dPUGqn1jlwv14L9m8OGN%2FhECubb4AzQjDPhEocdtGQXd7MJd1zCIGH1AxGM6taTXyiGMX%2FuN099wSswnIeIS8ZzWhsBRspdYtFaCDMo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3799e712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/tweet.b81b6d7af2d75db873cff6099e4f433a.js | 104.21.41.36 | 200 OK | 7.7 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/tweet.b81b6d7af2d75db873cff6099e4f433a.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (7850), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 5ad63a65a0b5d1fc612a1ae821a33098 13e0cc0ea288f910cb66fa1465792a63734ac7bd ccd2b9878c96548eb899451fce202332273aacfac02fc8beb517df0e1e52716d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/tweet.b81b6d7af2d75db873cff6099e4f433a.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PAAuMaxGOdY5TrqJMhDeyJ6OadX2vLa64ioNHHHz4X%2BoyzHA30wXcaQo%2FNzrPehKGBKlnSDu5rMddeXbmCz%2FtRqVhIZiaH1Afdbxg%2F1uNAGGGZ%2FkRSbEsr%2FleJe0nct6Vig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389b1712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/widget-options.css | 104.21.41.36 | 200 OK | 1.7 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/widget-options.css
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (1729), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): de8eb7442d988867d6ebe968d02c18e3 039dde29a80d997dfc3d1b3219fee74b99f2c488 b0cff834004323bbaed51e4a5c4fdc79372bfbe173e846f8d097b4c3196d2f1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/widget-options.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efwFL2C9q3vH9VGW6wc0Sa4V7ZfjqPfCgPivFVKzfRsfxIsb1MUDqgOd%2BUEHuVw6bk10Syiyj9TBHoqvCHQfwku5NA7Wwcg8%2FYFOLRSO2RY8qrrB7W691YFZIhUVD2wDIAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3698c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/twitter.svg | 104.21.41.36 | 200 OK | 3.8 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/twitter.svg
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): c284b7711a6615ae18f31f6b44413ac0 86b6afe5da04a736fe3dfc4c9193e507a7de9c22 cdcfaf9e60ae2d76b7e49eb758b78230b35c09f43e9e514bf9fc7f6924d1a5e8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/twitter.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: image/svg+xml
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjR8sbSElhZ9LmL8fwBOyTt3O9rOqWiEYmMjAitH14lSjWYCqHjQfFU1wL5Rfa4ZnRWgdHtPbwSCUueyEWAWj9USB%2BSyVX7Zmy7aufFYO4gp0JHlMlTlQoH%2BQ0%2BYlK8uKog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389b6712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/wp-embed.min.js | 104.21.41.36 | 200 OK | 1.6 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/wp-embed.min.js
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (1633), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): fd110d313fad071b2fe168786e8e7089 126af85dd3cf70c36bcf084087b377b754a1d981 9147349c014e06e4f8cedd2d467ce90c5bad79f434375ebf019ede9a5276a454
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/wp-embed.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZfU5PCHYhyYwjRZEqpJvSqqqbZxhE5C1d714nF%2FLfMIvAyfnRdLt1gpEqi4exNpmDYX46vksY5BUuljZK08dOp1OipgKM4SEhPUIZOcEzgBgLjQ%2BH06d92ODRnquSlMSuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9db712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/wp-content/uploads/2019/10/mazer-green.png | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/wp-content/uploads/2019/10/mazer-green.png
IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2019/10/mazer-green.png HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/et-divi-customizer-global.min.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Zu7UAbVwTHrfjNkVYdd1%2BkO%2F7OsTY9oNuRi%2F1Axoergm1iGV6XxUQIxtP6%2B9cjYOY7pGfSr5d7wt7mnKCXRIO7EC4RQmHchLF4Y10R7qBeYqMLl943A48TDX304qbMtlxA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c86c38712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/embed.Tweet.89c768c4b7d4a6ac277c.js | 104.21.41.36 | 200 OK | 32 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/embed.Tweet.89c768c4b7d4a6ac277c.js
IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet(1).html
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (32354), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 000bac272e03a0cdf64cb87b670212f1 218a1b03bb145346d67f1812df3e1a8dd8faff21 712f4bad24e7563ac13d358e4d92317d9879a1ae8a3b736e3c50a91401ae6549
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/embed.Tweet.89c768c4b7d4a6ac277c.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet(1).html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 May 2024 23:12:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sNnPTFqsfGU9ouFq%2BtAbmzyazQruptHrioY%2F980fIa7wC%2FwAsV8ZUf9ivJ16SF25wyulgY9qFSHpnx%2FfY0zQ6dBYf6ZklomQd%2FzkyIqtFCOBYhg9pFB8ok6xH29k13MR6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ccfe6f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/give-donation-summary.js | 104.21.41.36 | 200 OK | 5.2 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/give-donation-summary.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (5277), with no line terminators
Hash (MD5, SHA-1, SHA-256): 40f97a908caebdba1539c1a20b93845f 723260a75fc446643f2deff256089d1e55199562 1db6a36488b31ab049727950f1f883fb3de06b9bd3096a8f8983ddc3d2b5e2ca
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/give-donation-summary.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSr7R%2BoUoy2lQnXVkx7bOPkvpzVqFC8s5yZO43oyKogpAm%2FUYCWLR2QYmIMzv7Y9CJHgotJxbrV%2FBmGTc%2BupSdzJYAuKwhIXUysU3tkc6gwdvOYYArnsGWw2EBTXL532w1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d1712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/give-donation-summary.css | 104.21.41.36 | 200 OK | 2.0 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/give-donation-summary.css IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (2040), with no line terminators
Hash (MD5, SHA-1, SHA-256): bdf0c26f958121e64dc3c666b3f81944 f943b8fe249c81bad0a0f538ad674546c592306b 1e976ce625ed3f3bda9494292f078e7f0c16f233da123fac2dba7be916b96db1
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/give-donation-summary.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3y4MZiAR68PHxqdfdrYT9hwHxOAqKVJwqJ57d5p9qKZ1CyQNkSlaX6JON%2BqHyNDUfghlVLgHjaY2pMkUC3Jxz4FZwXMKBHxRdposA7fUb%2BAgWx%2FWly8n1zyIy%2BZg4OUw4zQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3698d712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/frontend.min.js | 104.21.41.36 | 200 OK | 2.1 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/frontend.min.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (2204), with no line terminators
Hash (MD5, SHA-1, SHA-256): 78b87da6b8fb28b44a5ff9759b7915c0 43044cdc55f450c333672102cbce8fe65fbbc900 f67d84bd7c61a6df207a6415776f3000e85a69c1fbd4777c212ff4978eeffd4f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/frontend.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZ6wO0tLXuwbikgmxaopO9SwAAzirevNttOZu15Q4MsN%2BJWnUcdfuwSF5N8BlS%2FZ7Z0DubF8vqyf%2BHcBemx3%2BXfElxly%2FKeDKsbTWfaoNHSPGibRwmKoP%2FHmtRR6h5sSw%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3799c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/give.js | 104.21.41.36 | 200 OK | 160 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/give.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Size: 160 kB (159533 bytes)
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/give.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=St4lBTiVLbIkmDWkkF7DVVBNPjlK5Zsi7hNdW5LNixTu7UdBKoCzv8RRIuoW6z7yLZTIbnC%2BjjwSXBVD7fDyjfZ4q9KogdAInvIQAEKShnBStj5GydPGLVoXxEzkiRh45TA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c389ae712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/bc-v4.min.html | 104.21.41.36 | 200 OK | 1.7 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/bc-v4.min.html IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (1789), with no line terminators
Hash (MD5, SHA-1, SHA-256): f0abfbd651bd29889fdd0127af28595d d0f9ff3a9f90b630b2d878b25243b5c35a26815f a82a2c9df24e1a45221da866e0df9491cb393f5103a0d75aeefa1af2df3d7bf2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/bc-v4.min.html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FfNa8%2BbUqj2AvSXTelfm%2BJ46auOO1JdZ%2FLv4iwQXckQEoVCIDBfqxLP3ketax52XTPOT7v%2Bmgin86epfD2H%2F%2FNOsuAqZ4L1gXiyyWUfnOGTZXLvZaxq46NdrjkqugPwTD8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1cabd76712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/embed.Tweet.89c768c4b7d4a6ac277c.js | 104.21.41.36 | 200 OK | 32 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/embed.Tweet.89c768c4b7d4a6ac277c.js IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet.html
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (32354), with no line terminators
Hash (MD5, SHA-1, SHA-256): 000bac272e03a0cdf64cb87b670212f1 218a1b03bb145346d67f1812df3e1a8dd8faff21 712f4bad24e7563ac13d358e4d92317d9879a1ae8a3b736e3c50a91401ae6549
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/embed.Tweet.89c768c4b7d4a6ac277c.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet.html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARNCvc%2BJ0rpLiAtwPdOrDJA1PgnIZDGOMwNPo5jxYPPyXQTxHdcm0pdjUUVyelAjH4%2FJ6T4SsgH%2BDxRvNxQ8u7YOP3FTiu77MJiLayz5i9AA5Y5q2ZsgxycNIjliS5GZniA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cbade3712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/core/admin/fonts/modules/all/modules.ttf | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/core/admin/fonts/modules/all/modules.ttf IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/core/admin/fonts/modules/all/modules.ttf HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/style-static.min.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svLvGDKSxMK6KZELeX60ktO7RPwZvIGFwcWfNCxzh6dBzXf4xFL4vka6djSfCcEl18lWPTcej8%2BZKKmWDGJBujqoulV5IDTTyXJoG1%2FvgD%2FKtCXKnFD63CtXCbJM7QUWqtQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1cc7e31712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf | 104.22.23.84 | 200 OK | 62 kB |
URL: GET HTTP/3 notesfrompoland.com/wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf IP: 104.22.23.84:443
Certificate: Issuer: Let's Encrypt; Subject: notesfrompoland.com; Fingerprint: B9:DB:75:E4:48:85:E4:82:89:03:B5:E7:0C:E2:8B:B5:53:B3:FE:77; Validity: Mon, 22 Apr 2024 05:05:58 GMT - Sun, 21 Jul 2024 05:05:57 GMT
Hash (MD5, SHA-1, SHA-256): ccb2d921e703a5d928911d6cfe12dd29 283584a8b17cf8ba3496ab48874f40d5689b594a 6bda076e2fc5d038fca63c670a0eeda29e6084feb17da0f5400228fba23cdeaf
GET /wp-content/uploads/et-fonts/TypeTrust-BreuerCondensed-Medium.otf HTTP/1.1
Host: notesfrompoland.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gucehooxyy.info
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/x-font-otf
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Fri, 04 Oct 2019 11:21:14 GMT
etag: W/"f0d8-59413e66cc8fe-gzip"
cache-control: max-age=14400
cf-cache-status: HIT
server: cloudflare
cf-ray: 87dbb1c9fbbc0b65-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/embed.runtime.134756fb68200110af56.js | 104.21.41.36 | 200 OK | 9.5 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/embed.runtime.134756fb68200110af56.js IP: 104.21.41.36:443
Requested by: https://gucehooxyy.info/index_files/Tweet(1).html
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (10009), with no line terminators
Hash (MD5, SHA-1, SHA-256): 9554040cebbde2a652f71fdc8127ca24 c23d39086803206d62837d31ebf3dabeaf08a5aa 29b97b7801202a9c3832f34443d3a5cb3cc67a8191201acb3d1662e0160a4358
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/embed.runtime.134756fb68200110af56.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/Tweet(1).html
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
last-modified: Thu, 02 May 2024 23:12:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aFa0%2Bgd0Uc3DMVSat4w7H9%2FqD7OBUJLU8pWqXyDXAZUI7t49%2BvS7JZiA%2FCzqdyJjgTfGSh2rVLh2We4PPCydvXWAd6UkxzgyM5bJb8%2B%2F%2BKWa565bAkqceylDSqnEHsuM6yQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1ccfe68712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/frontend.js | 104.21.41.36 | 200 OK | 917 B |
URL: GET HTTP/3 gucehooxyy.info/index_files/frontend.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (951), with no line terminators
Hash (MD5, SHA-1, SHA-256): ec253f25da2d541bac0c5048eff23e6c 99defb3484ccd51156f193cb63c2480d8d879a12 051b26fea493b3b3901e37e732d9df7703672850425ee1beae91b6ff20a007c2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/frontend.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
etag: W/"651d9ec0-395"
last-modified: Wed, 04 Oct 2023 17:20:00 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2Fmck6esv%2FJAE%2BThwSNGuEk%2BuEyxbRcGB9TEeYD0qtgFpXMXfIdeyvU9xuml%2FiExFqKsy7KxqBxk9svOwrVcKjINY%2Fqmqe3AU3%2F8vxIpT2PLAxSS2FpzkjAk9tR5sgZ%2FIKA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c379a3712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/saved_resource(3).html | 104.21.41.36 | 200 OK | 21 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/saved_resource(3).html IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/saved_resource(3).html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTNvzGE1vGpfsgHRphZLF61ATixJMcI9LFdy2Dk3L%2BUWQenjUUPUGKNYlURMsnWvQpDGBHoiSAdpQbnfkzghspJT75QZijbJ%2Fjl2yZ8DAtA0H%2FaQdIH6zbp%2BKdCH0KX6w%2BE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c82c1f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2 | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2 IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu0SC55K5gw.woff2 HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BHowV52OY5XAoaaPjw3css9rncg8ebSFGoSsTdVUF8dZE2mouT%2Fh0fqhAQrAoqNefpiAViAyeoJKbN%2FFtodfHv3BLFUpDCYfiK9NOVpPEl%2BAzQUKKke5PePA14m%2B%2B3w6EM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c9fd03712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/scripts.min.js | 104.21.41.36 | 200 OK | 274 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/scripts.min.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65467)
Size: 274 kB (274266 bytes)
Hash (MD5, SHA-1, SHA-256): d01712dc614e43de021a98920dfb7208 fd6bef0ce9eccf622cc89736a211f7585fa48074 124999106b36b91138193de6ae365bc2e97ec51e122e2f967318ce3d662b561b
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/scripts.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pNxDnRDgBkO3XCk%2F8OdLoBfB6qxC%2FyrNE3mstsrbb44cgRUNogJZ0kiz8frDVwLVhBi8UlLbCaQboD8WddREBRecDIHxQljCYHOODwl7cSFtFOL89PijZ4e2SQ1kECu6MBo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d4712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/wp-content/uploads/2019/10/tlo_stopka.svg | 104.21.41.36 | 400 Bad Request | 150 B |
URL: GET HTTP/3 gucehooxyy.info/wp-content/uploads/2019/10/tlo_stopka.svg IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 5bee7066f7e028cf5cec82960f8d0afc 4c59ad33d9e44cdb9b700ca07618b679208dbe34 1396b26ec77778b85a2ebd96914f6788f28f0110e8939c540f1e041942abdbb4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /wp-content/uploads/2019/10/tlo_stopka.svg HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/index_files/et-divi-customizer-global.min.css
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 400 Bad Request
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HLJtoXJC77n8%2FHW77ISJ4VQBPrwhzfCUodqJnqX3ULsSF%2FFudhkpb3WUjqCqEy3h6i0KNo4lkt5zkONq82%2BYOnaTfv4N7YZAqsPvBbDiuxTIc27%2FR6PLM6Q%2F%2BUYUTAPR5us%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c87c3d712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/gtm.js | 104.21.41.36 | 200 OK | 184 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/gtm.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (3890)
Size: 184 kB (184488 bytes)
Hash (MD5, SHA-1, SHA-256): c8547c78ca89d3334764527f75456f93 b3788b4d871880b8ab7a730bfd5125f04eaa3391 948870afc982e46bb44eee27fc793ef478b1a71e6a5b9e4c032515f4885edc03
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/gtm.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6uRvw3qsuqkcNNfQ5M7dGm04d%2BmxOFtF2Q86SL1iws1yyWGT5WZmlRsb%2F%2Bu84CXdWcE%2FNlnVc%2Bnkx9Fw2vLrbAkhSIloUaiAbnvfN1g7jy8ZFjE%2Fxog51Cbt69dvpvciy4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c35988712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/hooks.min.js | 104.21.41.36 | 200 OK | 4.9 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/hooks.min.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (4987), with no line terminators
Hash (MD5, SHA-1, SHA-256): e444768b3714d28b26a18c3bec1bc79e d5fdbb62fa29e5e683a025c1ad9defb6ed8825cb f84cea9ee397e7d7c6a05e5a2700470a37b5e08cae8a16977f46a7f9a7192e51
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/hooks.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATRoeM2%2Fdj82VsKcw7W6MNddbHTk2cZ0wRUUGO%2BTuPPNhiNC3cYFZ0OWEAj5B7ryS5yw6U%2BPN75QO7gfjmdsVlH7P83FeeaI3q2WccNtcpO45VGpckfNANmIXOHFzF2Dvag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c379a2712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/salvattore.js | 104.21.41.36 | 200 OK | 7.5 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/salvattore.js IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (7641), with no line terminators
Hash (MD5, SHA-1, SHA-256): 3cdcc240f3d039b4fc41c3e42b58473e 331baee986d43c065f50f873dfca31941a291d47 e7145459fe5b16559216f38a21c5e892ff04054f62578c3836d70150d185363f
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/salvattore.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eGFL0f9ZP4PCxIjA%2BfkMrWAmtkdq9WGSq%2FfX4yn3%2FSC1gzU76Wq8U4m%2BYf8QJIDMkYDCZJT1%2F%2BqUcP6y595xmvliaVsLnx4o2ugM1OjvSLrTHNnbpIy8%2FpIOX4odP9BZzDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9e6712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/saved_resource(4).html | 104.21.41.36 | 200 OK | 1.1 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/saved_resource(4).html IP: 104.21.41.36:443
Certificate: Issuer: Google Trust Services LLC; Subject: gucehooxyy.info; Fingerprint: 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity: Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (1125), with no line terminators
Hash (MD5, SHA-1, SHA-256): b537c81ad6687b7b5f3c84fe66530c8e 00fe645b5415fed941cef5c0bcc89e26dd49be23 6b9fee63bf37460f08cbdb51c6c032dd81be5ba9d009d30ee467a3ae0d968e61
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /index_files/saved_resource(4).html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRaQbCuThVpeAdcht2uPcyan2NrAMeXHTr2GlM3CHxdnhvC%2Fy2IqC53kqwGoYTgoUhJJ2L9aO7fgND%2BBVf%2B%2F7quOoovI6Y8YVFBb7iMbn%2Fa7yZBLt7NrPJA31wUMX7POU70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1cabd6c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/style.min.css | 104.21.41.36 | 200 OK | 98 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/style.min.css  IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: (none recorded)
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of a zero-byte input, so the analyzer hashed an empty body for this resource even though the listing reports 98 kB; they match every empty file and must not be used as indicators)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/style.min.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJHzuvHeb4UGhBgsollZYIqD28epTo43c%2B%2BQ5R7AM7GS4JrH51HfYA2UUbtPluKsY7U2XglfUfyg8XFFbvZzvOu1NNxfz9%2FX9vfEU2ieb1nEMcFVHSh12X1qHKDSw7etaow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c35989712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/saved_resource(2).html | 104.21.41.36 | 200 OK | 21 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/saved_resource(2).html  IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: HTML document, ASCII text, with very long lines (6939)
Hash (MD5 / SHA-1 / SHA-256): 9fefc9df71bf81bdb11f0424527fb75f / e40bac0b159e23d2f25c010f03440e1a0cf00652 / a7493945c5a5cece0bd12b654979c861f5402711eb461aa50db6d03c775ad119
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/saved_resource(2).html HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:09 GMT
content-type: text/html
last-modified: Wed, 04 Oct 2023 17:20:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iiew7IuUvAtp7VnDyj6v9ni52iJgfSEsUI%2Fyewy7nxXiA%2F58s9Cog2mlikND7RvzmThCVEha%2FkdzqGjzkEAbJ4l1K12ZJ1DQejSCK25x%2B2I0eFGmAmpEpDtSSO%2Fz17Ed2rE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87dbb1c81c19712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/shortcodes-legacy.css | 104.21.41.36 | 200 OK | 32 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/shortcodes-legacy.css  IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: ASCII text, with very long lines (32355), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): e1b91898f4007a88806f4e3830c54f31 / dabdd5e84d628a8c741b9e31559c8333a394b183 / 29be2208beeaaee76a8a54ebb2c416c220991d7b0775daa124d185e0f7ccae11
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/shortcodes-legacy.css HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: text/css
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2wXO76eEZzImcDy4FvZxgp%2BCHSy495pMX2F5d%2Fp9Z%2FRA5pIQhe4gx1FD5VPpBm5OTDIblqs7ltyHcLsiaMvOpDNcesjFnQZpQqWkOses8z5820OSJGC1HeyJ9%2BZHaj2Q50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c399c3712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/jquery.fitvids.js | 104.21.41.36 | 200 OK | 2.5 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/jquery.fitvids.js  IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (2496), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 7fbbfde79a0aa6f5de9dc9b50d62f065 / 001f7d990b471412f4dad700642de02ad5cf6c77 / f47cd41a6e4435d3a6dd2dedd67ef26c200279e0c57673a961e12895f1bfdfc7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/jquery.fitvids.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTdj3ZEnAIsVJQE7ifeQSLvYBf8VldhNHDqNNlI1s%2FrWoL2owlMsLdlsoi%2FwxqsFjtH0VQ%2BDdccbKueRc45vKPpus1vwHJRCKGlfaeXPIsXJvBgwsSAva7Gbe3b%2BS1uyq6s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3a9d5712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gucehooxyy.info/index_files/smush-lazy-load.min.js | 104.21.41.36 | 200 OK | 7.9 kB |
URL: GET HTTP/3 gucehooxyy.info/index_files/smush-lazy-load.min.js  IP: 104.21.41.36:443
Certificate: Issuer Google Trust Services LLC; Subject gucehooxyy.info; Fingerprint 3F:62:59:5E:E0:DB:49:8E:BD:87:5B:8A:00:75:17:B0:BA:44:D6:DF; Validity Sun, 31 Mar 2024 23:45:21 GMT - Sat, 29 Jun 2024 23:45:20 GMT
File type: JavaScript source, ASCII text, with very long lines (8105), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d538ea2414d22ae85dd94d028e1d62d5 / 6d75e948c4aca1ec2f1fc92bc58210a5c143bfc0 / 6b60650614a36234cad03bea36b82d6ca5118a3d5d9efe6cc4389b5ad64a1b84
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index_files/smush-lazy-load.min.js HTTP/1.1
Host: gucehooxyy.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gucehooxyy.info/
Cookie: PHPSESSID=87106d6734c80004c334fe3d949ea953
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 02 May 2024 23:12:08 GMT
content-type: application/javascript
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 02 May 2024 23:12:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk6AG%2FRaoOXjXENmqopokJo0HmEe5ylPSia6ZNvI%2F%2BEoIREwcYgvOw2a0ddf92FQbv6YW9nzdT5R27sjm4L8ec8Pv5FcKPRg%2BX7xdh6F0TYJtCRvEeI%2FXiRIctZMZ2zGHME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87dbb1c3b9da712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
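As an added example, not part of the scan report, a small Python triage pass over records constructed from values visible in the entries above (reported size, the three digests, the response date and the request's Sec-Fetch-Dest). It flags the style.min.css entry, whose MD5/SHA-1/SHA-256 are the digests of a zero-byte input although the listing reports 98 kB; checks each response date against the leaf certificate's validity window; and marks the same-origin iframe loads of saved_resource(N).html, a naming pattern that together with the index_files/ directory matches what a browser writes when a page is saved as a complete web page. The record layout, field names and function names are this example's own assumptions.

```python
"""Added triage example (not part of the scan report above).

The records are constructed from values visible on the page; field and
function names are this example's own assumptions.
"""
import hashlib
import re
from email.utils import parsedate_to_datetime

# Digests of a zero-byte input. A record carrying all three means the
# analyzer hashed an empty body, whatever size the listing reports.
EMPTY_DIGESTS = (
    hashlib.md5(b"").hexdigest(),
    hashlib.sha1(b"").hexdigest(),
    hashlib.sha256(b"").hexdigest(),
)

# Validity window of the leaf certificate shown on every request in the report.
CERT_NOT_BEFORE = parsedate_to_datetime("Sun, 31 Mar 2024 23:45:21 GMT")
CERT_NOT_AFTER = parsedate_to_datetime("Sat, 29 Jun 2024 23:45:20 GMT")

# Constructed from three of the entries above.
RECORDS = [
    {
        "url": "gucehooxyy.info/index_files/saved_resource(4).html",
        "size_kb": 1.1,
        "md5": "b537c81ad6687b7b5f3c84fe66530c8e",
        "sha1": "00fe645b5415fed941cef5c0bcc89e26dd49be23",
        "sha256": "6b9fee63bf37460f08cbdb51c6c032dd81be5ba9d009d30ee467a3ae0d968e61",
        "date": "Thu, 02 May 2024 23:12:09 GMT",
        "fetch_dest": "iframe",
    },
    {
        "url": "gucehooxyy.info/index_files/style.min.css",
        "size_kb": 98,
        "md5": "d41d8cd98f00b204e9800998ecf8427e",
        "sha1": "da39a3ee5e6b4b0d3255bfef95601890afd80709",
        "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
        "date": "Thu, 02 May 2024 23:12:08 GMT",
        "fetch_dest": "style",
    },
    {
        "url": "gucehooxyy.info/index_files/jquery.fitvids.js",
        "size_kb": 2.5,
        "md5": "7fbbfde79a0aa6f5de9dc9b50d62f065",
        "sha1": "001f7d990b471412f4dad700642de02ad5cf6c77",
        "sha256": "f47cd41a6e4435d3a6dd2dedd67ef26c200279e0c57673a961e12895f1bfdfc7",
        "date": "Thu, 02 May 2024 23:12:08 GMT",
        "fetch_dest": "script",
    },
]


def is_empty_body(rec: dict) -> bool:
    """True when the MD5/SHA-1/SHA-256 triple is the empty-input triple."""
    return (rec["md5"], rec["sha1"], rec["sha256"]) == EMPTY_DIGESTS


def served_within_cert_window(http_date: str) -> bool:
    """Was the certificate valid at the time given by the response's Date header?"""
    when = parsedate_to_datetime(http_date)  # 'GMT' yields an aware UTC datetime
    return CERT_NOT_BEFORE <= when <= CERT_NOT_AFTER


def is_saved_page_frame(url: str) -> bool:
    """Match index_files/saved_resource(N).html, the names a browser assigns to
    frames when it saves a page as a complete web page."""
    return re.search(r"/index_files/saved_resource(\(\d+\))?\.html$", url) is not None


def triage(records) -> dict:
    """Return {url: [notes]}; an empty list means nothing was flagged."""
    findings = {}
    for rec in records:
        notes = []
        if is_empty_body(rec):
            notes.append(f"empty-body digests although listing reports {rec['size_kb']} kB")
        if not served_within_cert_window(rec["date"]):
            notes.append("response dated outside certificate validity window")
        if rec["fetch_dest"] == "iframe" and is_saved_page_frame(rec["url"]):
            notes.append("same-origin iframe of a saved_resource page")
        findings[rec["url"]] = notes
    return findings


def hash_iocs(records) -> list:
    """SHA-256 values worth hunting for. The empty-body triple is excluded:
    it would match every zero-byte file on every host."""
    return sorted({rec["sha256"] for rec in records if not is_empty_body(rec)})


if __name__ == "__main__":
    for url, notes in triage(RECORDS).items():
        print(url, "->", notes or "ok")
    print("IOCs:", hash_iocs(RECORDS))
```

The empty-digest check is the one to keep in any pipeline that turns sandbox output into blocklists: a resource the analyzer could not fetch still gets a hash row, and that row would match every empty file.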