| gleedral.net/progress-bar.gif | 104.21.9.148 | | 7.6 kB |
URL: gleedral.net/progress-bar.gif
IP: 104.21.9.148:0
File type: GIF image data, version 89a, 208 x 13
Hash: fe189f28a4a797c68328a9b0d61292f1 228bc17e9fa760383b5f15ee0229347a1de0f32a 6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7
GET /progress-bar.gif HTTP/1.1
Host: gleedral.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:04:23 GMT
content-type: image/gif
content-length: 7591
last-modified: Fri, 24 Jun 2022 14:46:47 GMT
etag: "62b5ce57-1da7"
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oboYGQfgekutbijTw8Q8qV%2FCUJo4V1ee%2BbfDhOGgN27If8jWTal92oGz9OgCt67fwocfJcQlmunUPeZJXnj4MFLkVf0e%2B%2FYqy9aBR%2BlHkkFwT6KU5dQ0ByvQb21NE4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d311299ceeb523-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js | 151.101.65.229 | | 94 kB |
URL: cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
IP: 151.101.65.229:0
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (558)
Hash: ff44eca909a3fc83df151b55703f2968 5134f0811d9fdee9dcff3a3dba0ef851865e3718 5f864c0d17f3953492f7740b9cfc7fb20f5ee2d7d8a405e590296b93b6e79ff2
GET /npm/yandex-metrica-watch/tag.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.324.0
x-jsd-version-type: version
etag: W/"382ea-UTTwgR2f3unc/zo9ug74UYZeNxg"
content-encoding: br
accept-ranges: bytes
date: Wed, 01 May 2024 22:04:24 GMT
age: 1799
x-served-by: cache-fra-eddf8230100-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94379
X-Firefox-Spdy: h2
|
|
| gleedral.net/skin.min.js | 104.21.9.148 | 200 OK | 7.2 kB |
IP: 104.21.9.148:443
Requested by: https://gleedral.net/skin.html
Certificate: Issuer: Let's Encrypt; Subject: gleedral.net; Fingerprint: AE:6A:0C:21:54:78:92:CA:6C:74:97:9A:16:12:C3:95:62:8C:A4:A2; Validity: Sun, 17 Mar 2024 09:06:14 GMT - Sat, 15 Jun 2024 09:06:13 GMT
File type: JavaScript source, ASCII text, with very long lines (27976), with no line terminators
Hash: 1eb8f98475d92b60e1ad9e9f743b8b81 f0c7e7022656210ecc47557f1dc78020ab7b4837 2850867d45189af6747c0e88fcf55922006b36e447035be87adf4df1046a064d
GET /skin.min.js HTTP/1.1
Host: gleedral.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/skin.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:04:24 GMT
content-type: application/javascript
last-modified: Fri, 24 Jun 2022 14:46:47 GMT
etag: W/"62b5ce57-6d48"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bKgOS9vxMHWV2DBuV%2FBx4RVfpHDRipRaSmLobOwiJd7fys0GzlMw4dxCB6Vk68ddjRyfAfokru%2B5XVpidK1RAj3TtD4TAX7Pebe3lxccCmHEMrcc%2FOXfJ2xi41Qaj4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3112b5e80b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| propeller-tracking.com/fv.js?t=71022&cb=171168 | 139.45.197.240 | 200 OK | 2.2 kB |
URL: GET HTTP/2 propeller-tracking.com/fv.js?t=71022&cb=171168
IP: 139.45.197.240:443
Certificate: Issuer: Let's Encrypt; Subject: propeller-tracking.com; Fingerprint: E9:6D:47:8D:D7:ED:93:D6:0A:E4:03:75:35:2C:4D:3F:43:DA:7A:06; Validity: Wed, 27 Mar 2024 21:27:31 GMT - Tue, 25 Jun 2024 21:27:30 GMT
File type: JavaScript source, ASCII text, with very long lines (5213), with no line terminators
Hash: 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a
GET /fv.js?t=71022&cb=171168 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 22:04:24 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| interbuzznews.com/?jsdict=28968&language=en | 139.45.197.154 | | 183 B |
URL: interbuzznews.com/?jsdict=28968&language=en
IP: 139.45.197.154:0
Hash: b7741b466e135024e58aebdf5ed6f3f6 0ff1765678fb8e3a0cc1982a73498545164334c5 86036463d20ebe3304ba0c57430a64de5df1d0f0ada3f0b9525d902bc616e507
GET /?jsdict=28968&language=en HTTP/1.1
Host: interbuzznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gleedral.net/
Origin: https://gleedral.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 22:04:24 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=71022&bid=undefined&aid=undefined | 139.45.197.236 | 204 No Content | 0 B |
URL: POST HTTP/2 unphionetor.com/vbl?t=71022&bid=undefined&aid=undefined
IP: 139.45.197.236:443
Certificate: Issuer: Let's Encrypt; Subject: unphionetor.com; Fingerprint: A5:31:60:9F:97:20:7B:DF:7C:64:F7:B8:5F:FA:A9:13:C8:A3:62:40; Validity: Sat, 20 Apr 2024 18:44:18 GMT - Fri, 19 Jul 2024 18:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /vbl?t=71022&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gleedral.net
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 May 2024 22:04:25 GMT
access-control-allow-origin: https://gleedral.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vbl?t=97012&bid=undefined&aid=undefined | 139.45.197.236 | | 0 B |
URL: unphionetor.com/vbl?t=97012&bid=undefined&aid=undefined
IP: 139.45.197.236:0
Certificate: Issuer: Let's Encrypt; Subject: unphionetor.com; Fingerprint: A5:31:60:9F:97:20:7B:DF:7C:64:F7:B8:5F:FA:A9:13:C8:A3:62:40; Validity: Sat, 20 Apr 2024 18:44:18 GMT - Fri, 19 Jul 2024 18:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /vbl?t=97012&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gleedral.net
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 01 May 2024 22:04:25 GMT
access-control-allow-origin: https://gleedral.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| mc.webvisor.org/watch/67238875?wmode=7&page-url=https%3A%2F%2Fgleedral.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rxdnnjvl5wkfze2i1r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A203011867188%3Ahid%3A527971608%3Az%3A0%3Ai%3A20240501220424%3Aet%3A1714601065%3Ac%3A1%3Arn%3A1053841932%3Arqn%3A1%3Au%3A1714601065178701209%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A715%3Awv%3A2%3Ads%3A1%2C44%2C117%2C0%2C56%2C0%2C%2C461%2C6%2C918%2C918%2C4%2C726%3Aco%3A0%3Acpf%3A1%3Ans%3A1714601063229%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714601065%3At%3ANotification&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21038592)aw(1)rcm(1)cdl(na)fip(1)ti(1) | 87.250.251.119 | | 448 B |
URL: mc.webvisor.org/watch/67238875?wmode=7&page-url=https%3A%2F%2Fgleedral.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rxdnnjvl5wkfze2i1r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A203011867188%3Ahid%3A527971608%3Az%3A0%3Ai%3A20240501220424%3Aet%3A1714601065%3Ac%3A1%3Arn%3A1053841932%3Arqn%3A1%3Au%3A1714601065178701209%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A715%3Awv%3A2%3Ads%3A1%2C44%2C117%2C0%2C56%2C0%2C%2C461%2C6%2C918%2C918%2C4%2C726%3Aco%3A0%3Acpf%3A1%3Ans%3A1714601063229%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714601065%3At%3ANotification&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21038592)aw(1)rcm(1)cdl(na)fip(1)ti(1)
IP: 87.250.251.119:0
Hash: b2ca79afcaef14cb400d5b28e8396e76 10e1e5109fcf9c2b41638b9fa60aa7df6a2e359d 1daddcbc5797aa9f8403484cf16c90830f6150f2ae396b1ee69780ca50b4e715
GET /watch/67238875?wmode=7&page-url=https%3A%2F%2Fgleedral.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rxdnnjvl5wkfze2i1r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A203011867188%3Ahid%3A527971608%3Az%3A0%3Ai%3A20240501220424%3Aet%3A1714601065%3Ac%3A1%3Arn%3A1053841932%3Arqn%3A1%3Au%3A1714601065178701209%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A715%3Awv%3A2%3Ads%3A1%2C44%2C117%2C0%2C56%2C0%2C%2C461%2C6%2C918%2C918%2C4%2C726%3Aco%3A0%3Acpf%3A1%3Ans%3A1714601063229%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714601065%3At%3ANotification&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21038592)aw(1)rcm(1)cdl(na)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gleedral.net/
Origin: https://gleedral.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: /watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fgleedral.net%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Adgbrch0rxdnnjvl5wkfze2i1r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1320%3Acn%3A1%3Adp%3A0%3Als%3A203011867188%3Ahid%3A527971608%3Az%3A0%3Ai%3A20240501220424%3Aet%3A1714601065%3Ac%3A1%3Arn%3A1053841932%3Arqn%3A1%3Au%3A1714601065178701209%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Afp%3A715%3Awv%3A2%3Ads%3A1%2C44%2C117%2C0%2C56%2C0%2C%2C461%2C6%2C918%2C918%2C4%2C726%3Aco%3A0%3Acpf%3A1%3Ans%3A1714601063229%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-4335742423629acc806791d3e9f585f3-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1714601065%3At%3ANotification&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821038592%29aw%281%29rcm%281%29cdl%28na%29fip%281%29ti%281%29&redirnss=1
date: Wed, 01 May 2024 22:04:24 GMT
access-control-allow-origin: https://gleedral.net
set-cookie: yabs-sid=1841863931714601064; Path=/; SameSite=None; Secure
i=NmP67EZnbw/NANrGRKqtVnZSo4kir9n9C7zeW1vaOx9fR+ZBBIt14nqZZabr8HLOh2LXT1N3n4vFivl/Xzp7TaSmkOM=; Expires=Sat, 29-Apr-2034 22:04:19 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8925298081714601064; Expires=Sat, 29-Apr-2034 22:04:19 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=8925298081714601064; Expires=Thu, 01-May-2025 22:04:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1746137064.yrts.1714601064#1746137064.yrtsi.1714601064; Expires=Thu, 01-May-2025 22:04:24 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 01-May-2024 22:04:24 GMT
last-modified: Wed, 01-May-2024 22:04:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| gleedral.net/micro.tag.min.js?z=4439206&ymid=null&var=null&sw=/4439206.js&cdn=1&domain=ugyplysh.com | 104.21.9.148 | 200 OK | 42 kB |
URL: GET HTTP/3 gleedral.net/micro.tag.min.js?z=4439206&ymid=null&var=null&sw=/4439206.js&cdn=1&domain=ugyplysh.com
IP: 104.21.9.148:443
Certificate: Issuer: Let's Encrypt; Subject: gleedral.net; Fingerprint: AE:6A:0C:21:54:78:92:CA:6C:74:97:9A:16:12:C3:95:62:8C:A4:A2; Validity: Sun, 17 Mar 2024 09:06:14 GMT - Sat, 15 Jun 2024 09:06:13 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: fc483aca498c57c6454d59a9e10c9e17 414e63cfc82565760382f99e201c8a334c2f713e 09e6445c8e2b23cbb4e7dd2dbc6ce79ca733f87ee708ce1756471bc637a6d8f3
Analyzer: Public Nextron YARA rules | Verdict: malware | Alert: Code and strings of plugins from the Tetris framework loaded by Swid
GET /micro.tag.min.js?z=4439206&ymid=null&var=null&sw=/4439206.js&cdn=1&domain=ugyplysh.com HTTP/1.1
Host: gleedral.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 May 2024 22:04:24 GMT
content-type: application/javascript
last-modified: Fri, 24 Jun 2022 14:46:47 GMT
etag: W/"62b5ce57-2174a"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=enKEPRdlVy3FQgTni%2FvKZ2vy38T8gue6o6ONfdmTnGs23M7SYSMgX8j9Z1ec0npbHAG7uTAAjB2daPgxHR6of0rl0rNMdUttJkq57nwHbKibgU64wYKvLQJoVGm097Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d3112b7eb2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gleedral.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 104.21.9.148 | 200 OK | 12 kB |
URL: GET HTTP/3 gleedral.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP: 104.21.9.148:443
Certificate: Issuer: Let's Encrypt; Subject: gleedral.net; Fingerprint: AE:6A:0C:21:54:78:92:CA:6C:74:97:9A:16:12:C3:95:62:8C:A4:A2; Validity: Sun, 17 Mar 2024 09:06:14 GMT - Sat, 15 Jun 2024 09:06:13 GMT
File type: JavaScript source, ASCII text, with very long lines (12331)
Hash: 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: gleedral.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 22:04:23 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbFerELtBdjaq3YH643BzgRLSRoQ2OHbEB%2B554buOUn6PzT7EHhXLbFkljKvuBSpbmmfqJZA%2FMAkvTijK0qV1GrA9DzsyTZlz0%2F05TzisZKj4jB%2Bc6W1EmnvKDpkt6E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d311299cefb523-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 03 May 2024 22:04:23 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| gleedral.net/dist.min.js | 104.21.9.148 | 200 OK | 5.1 kB |
IP: 104.21.9.148:443
Certificate: Issuer: Let's Encrypt; Subject: gleedral.net; Fingerprint: AE:6A:0C:21:54:78:92:CA:6C:74:97:9A:16:12:C3:95:62:8C:A4:A2; Validity: Sun, 17 Mar 2024 09:06:14 GMT - Sat, 15 Jun 2024 09:06:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5178), with no line terminators
Hash: 277afa58a975ab3cf6b3c3a35b75d9e9 6a2f80e19802bbc6196bb84f246af1a0e02bcf31 50e9724d82f659d7e9d10e6a6f8dd830ba5efcbde4d28ffd10e0197a1f9c43c8
GET /dist.min.js HTTP/1.1
Host: gleedral.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 May 2024 22:04:24 GMT
content-type: application/javascript
last-modified: Fri, 24 Jun 2022 14:46:47 GMT
etag: W/"62b5ce57-13d1"
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gCj7SvcZNJ8NVXwxFjjQWaWXSpF6pJ6IFTXhOCL21daBHeC1KyjQrcA77dQYJVjSS8g12B5WZ4TyG36nvfLsvOF2jwAt8%2Bv1JaLjipKnlEIhETY%2FfuyppPOtTgPzdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d31129fd39b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| propeller-tracking.com/fv.js?t=97012 | 139.45.197.240 | 200 OK | 5.2 kB |
URL: GET HTTP/2 propeller-tracking.com/fv.js?t=97012
IP: 139.45.197.240:443
Requested by: https://gleedral.net/skin.html
Certificate: Issuer: Let's Encrypt; Subject: propeller-tracking.com; Fingerprint: E9:6D:47:8D:D7:ED:93:D6:0A:E4:03:75:35:2C:4D:3F:43:DA:7A:06; Validity: Wed, 27 Mar 2024 21:27:31 GMT - Tue, 25 Jun 2024 21:27:30 GMT
File type: JavaScript source, ASCII text, with very long lines (5331), with no line terminators
Hash: 061bf31ab8394112d1dffdd5ec872c2a f87a9877e0b08b1ddcc15351cee29a4d8ba34315 b24829831c07c3a35bc35c242324c3ee90c151e4e53de8e28f579e4161819414
GET /fv.js?t=97012 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 22:04:24 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| unphionetor.com/vctx?t=97012 | 139.45.197.236 | 204 No Content | 0 B |
URL: GET HTTP/2 unphionetor.com/vctx?t=97012
IP: 139.45.197.236:443
Requested by: https://gleedral.net/skin.html
Certificate: Issuer: Let's Encrypt; Subject: unphionetor.com; Fingerprint: A5:31:60:9F:97:20:7B:DF:7C:64:F7:B8:5F:FA:A9:13:C8:A3:62:40; Validity: Sat, 20 Apr 2024 18:44:18 GMT - Fri, 19 Jul 2024 18:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /vctx?t=97012 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gleedral.net
DNT: 1
Connection: keep-alive
Referer: https://gleedral.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Wed, 01 May 2024 22:04:24 GMT
access-control-allow-origin: https://gleedral.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|