| cerfoben.xyz/1/src/images/logo.png | 45.141.156.111 | 200 OK | 10 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/logo.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 200 x 52, 8-bit/color RGBA, non-interlaced Hash091c90c4476a57c0ddaf5a0c0a28925a 8c92fa755f306ffb916dbc3e991b0057fa1a2b1d c017c2f665768f7a39ff4e2a2dcc17f8f80870e85fe9c0fafe397dc99fbc173d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/logo.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 10480
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-28f0"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/icon.png | 45.141.156.111 | 200 OK | 12 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/icon.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 100 x 93, 8-bit/color RGBA, non-interlaced Hash52fece9e01ad7fdbdea864d7092fd592 1a63089799dccbfdb0a8340dd6212c8f2b437973 b22521c678565b857620062908125f70c4e25b31ecfdcaed6ae0335b3655a062
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/icon.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 12360
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-3048"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/icon_1.png | 45.141.156.111 | 200 OK | 1.1 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/icon_1.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashd4d69630de198f952456bd95946cff99 63666fc0c400af0789069bcf8fb5ec3092e3c7b5 3bc79b2b43c6496e7be7ea2cc22838c9e14bd7d4ab27d049d8a01a6423607e87
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/icon_1.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 1137
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-471"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/icon_2.png | 45.141.156.111 | 200 OK | 2.4 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/icon_2.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced Hashfd22397dfe5d6d7349164ce82847fd53 dcc678c0c3c6d91d88b021081f280377fa65ee01 3c6902c5acb08e21fef1afb46bcf770245b6b942f0613d8063a5032065c4d317
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/icon_2.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 2431
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-97f"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.170 | 200 OK | 31 kB |
URL GET HTTP/2ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP142.250.74.170:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 09:56:44 GMT
expires: Wed, 23 Apr 2025 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 81972
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/together.png | 45.141.156.111 | 200 OK | 10 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/together.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 200 x 52, 8-bit/color RGBA, non-interlaced Hashd118bdbda92da73610b55b0c4a106703 a13b7367ed0e4ef481961e0f008cd566e1c6384a 81f7be75fe38bfde828e7d07d9bec3e71fbba6051aec121d394dd126d5947381
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/together.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 10446
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-28ce"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/atten.png | 45.141.156.111 | 200 OK | 2.5 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/atten.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced Hash73ee5f5a65419cdae683e3ce557667c5 c63479fd67f9bcf0ff867e518ed12dbb223929fb beaf85377ddd403e8beb6772e27ef87608e0da79d09e3080798c339d9b822135
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/atten.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 2453
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-995"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/icon_3.png | 45.141.156.111 | 200 OK | 1.0 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/icon_3.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced Hash118f0c5583f13e7f2e42ac3c34d54a4a aca14f746b4889df053494c8fa043f8a4b22a511 746872277e95c813f0720fb138d445af664d09b0e9968bb2dfc453a4f30f75da
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/icon_3.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 1010
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-3f2"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/icon_4.png | 45.141.156.111 | 200 OK | 1.3 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/icon_4.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced Hashd4ce6e3f44d5ddcc50f3f1e88107b886 1b1969cff7e88bce4b1196551d6a44bef0ef6dcf 2d21436c30be8369abd4dcbf6b26d1c5d9db2f039c398d5c8aeba3db93d7d7a5
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/icon_4.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 1288
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-508"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/action_1.gif | 45.141.156.111 | 200 OK | 1.1 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/action_1.gif IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typeGIF image data, version 89a, 16 x 16 Hash43a246e3403a1f973bf654aeb9577c96 0f8f2ce4658de33a21c569ad1eff628234a1ece1 08c54845cddc1d149dfcc2ec4c1cb554cdc618eaef67d7fb809540ac70f5df53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/action_1.gif HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/gif
content-length: 1125
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-465"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/action_2.gif | 45.141.156.111 | 200 OK | 377 B |
URL GET HTTP/2cerfoben.xyz/1/src/images/action_2.gif IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typeGIF image data, version 89a, 16 x 16 Hashc10bdec858cb0cf9e6cc5865d5925746 697c095ed5509e5a5af0c5ebf2380662aeffc531 b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/action_2.gif HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/gif
content-length: 377
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-179"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/action_3.gif | 45.141.156.111 | 200 OK | 234 B |
URL GET HTTP/2cerfoben.xyz/1/src/images/action_3.gif IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typeGIF image data, version 89a, 16 x 16 Hash9ce99ec458daf212f9812a90f3fadd13 9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1 b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/action_3.gif HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/gif
content-length: 234
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-ea"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/styles/default.css | 45.141.156.111 | 200 OK | 2.9 kB |
URL GET HTTP/2cerfoben.xyz/1/src/styles/default.css IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typegzip compressed data, from Unix Hash118a7e5071db3a28b54a8414ce92cf85 df837ff6025281b8b66da65e562c59d0696f2d61 0262581edd4b920ca644b801e0b2c56d2f2d903b8e950e6c731e8c36127ce210
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/styles/default.css HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: text/css
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-2574"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| threatdetect.org/fonts/?font=aHR0cHM6Ly9jZXJmb2Jlbi54eXovMS83Lmh0bWw= | 172.67.177.232 | 200 OK | 12 kB |
URL GET HTTP/2threatdetect.org/fonts/?font=aHR0cHM6Ly9jZXJmb2Jlbi54eXovMS83Lmh0bWw= IP172.67.177.232:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subjectthreatdetect.org FingerprintF6:23:B8:9E:08:03:83:36:F4:82:1C:31:29:E6:F5:FC:ED:66:02:14 ValidityThu, 18 Apr 2024 10:28:31 GMT - Wed, 17 Jul 2024 10:28:30 GMT
Hashe3011bd17ad8adb495fe66782d6f4001 a07d01543de2b118c64b1faf8b173ba18d5d0a7f 2699e5491e9fb3ff610533b80b2d8b0174e87a55ff05f08704705e75fd496201
GET /fonts/?font=aHR0cHM6Ly9jZXJmb2Jlbi54eXovMS83Lmh0bWw= HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5F0OAKvdbnhz7sLjTzvzqtB44OQFhseSYeZQNBQyVza5MkQ0P9cOW6QNynqQna9f2Sg39effShcyLaOoV26fMtMQmcGcN1UaabOLj0avb%2BgXs5BhU1hsnrX8%2Bt0uRDS5%2FCjp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8b0922569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css | 104.21.27.152 | 200 OK | 84 kB |
URL GET HTTP/2use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css IP104.21.27.152:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (30343) Hash36082410df2ef7f83932219089dc1443 7961402d7d01e19387fe609a38454b0bc8c6cca4 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/f182237388.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2505115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twTMOur2s76uiZacTG4B8ZlLYqBEQSRKeWh%2BQzwT%2BbwA5Al4ljiFR%2FSx58YgyTeOkPPsjktjpMReXBvH6eYlRHW4y5wOZyDjqyNXutlU6xw0Z7CEEUSmnhG2qCWmjevoHju0oyw8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8b6e010afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| translate.google.com/translate_a/element.js?cb=googleTranslateElementInit | 142.250.74.142 | 200 OK | 32 kB |
URL GET HTTP/2translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP142.250.74.142:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typegzip compressed data, max compression Hashef3262eac29d12e158328a9fe660d255 50e9380c6c1c030e4b8527a0ea98171800642215 df1b20b879d09cd387b22322c6288db99bed7c76aa751a3869394710140b741f
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 08:42:57 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css | 142.250.74.35 | 200 OK | 4.0 kB |
URL GET HTTP/2www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css IP142.250.74.35:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeASCII text, with very long lines (20367), with no line terminators Hash72d3a735ccca1027f6b3afba2c93e3a7 67f8eff8d17334c59c28fc1753bf451527c7490d c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1
GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:44:30 GMT
expires: Fri, 18 Apr 2025 02:44:30 GMT
cache-control: public, max-age=31536000
age: 539907
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main | 142.250.74.106 | 200 OK | 73 kB |
URL GET HTTP/3translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main IP142.250.74.106:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeJavaScript source, ASCII text, with very long lines (2308) Hashb78a598053844b5ae2d3c1d98851d54a f75001b57e8d501345f9f6a24bb05b4da381022d c1e457211fafb84677e66e20fa411e5d6875dfced5e2e8727615589aa3434d02
GET /_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 17:35:04 GMT
expires: Wed, 23 Apr 2025 17:35:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:10:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg | 216.58.207.227 | 200 OK | 3.3 kB |
URL GET HTTP/3fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg IP216.58.207.227:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeSVG Scalable Vector Graphics image Hash2bd5c073a88b83ed74db88282a56ddfb d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650 ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 18:58:28 GMT
expires: Mon, 21 Apr 2025 18:58:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 222269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/images/branding/product/2x/translate_24dp.png | 142.250.74.35 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/images/branding/product/2x/translate_24dp.png IP142.250.74.35:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashc69c796362406f9e11c7f4bf5bb628da e489ce95ab56208090868882113d7416abf46775 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 20:51:29 GMT
expires: Wed, 23 Apr 2025 20:51:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 42688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback | 142.250.74.106 | | 1.4 kB |
URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP142.250.74.106:0
Hasha3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 24 Apr 2024 08:42:58 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=PYlEx4RmWuGz34gPNfsDcQtxZnuGKNFbxJ4Xa-iGuoI1--OnaA5eYrgBZ4_tzIv4OYkX62DFwaWAz-hZXGrDEXGjYUghSdRIw7TNw0ozJpHKq6NTIR_AXkmdVHdKqDpip946JYi0OXg9nTf4e9pYX0SV1AnaNz0eEoYfLHWMVHs; expires=Thu, 24-Oct-2024 08:42:58 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Wed, 24 Apr 2024 08:42:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap | 142.250.74.106 | 200 OK | 10 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap IP142.250.74.106:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typegzip compressed data, max compression Hash436785b99c2c2813bdecf4bf6a18016b 6516d58ec9bcd4c5f2f33889f4fe37a02306c581 fc32ec2258477241513378cbd3fe796f4123d1e94fd1ea5343be06136f2b0f89
GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 08:42:56 GMT
date: Wed, 24 Apr 2024 08:42:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.106 | 200 OK | 0 B |
URL POST HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.106:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://cerfoben.xyz/
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://cerfoben.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 24 Apr 2024 08:43:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 | 142.250.74.106 | 200 OK | 131 B |
URL POST HTTP/3translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0 IP142.250.74.106:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hashca0b7e866005f6774d284b9f438ebfd2 53644f5ee3640189bdb223473ba6a2d46606c556 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cerfoben.xyz/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1178
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://cerfoben.xyz
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 24 Apr 2024 08:43:08 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cerfoben.xyz/1/src/script/myjs.js | 45.141.156.111 | 200 OK | 28 kB |
URL GET HTTP/2cerfoben.xyz/1/src/script/myjs.js IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/script/myjs.js HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-6e8e"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/f182237388.css | 104.21.27.152 | 200 OK | 1.0 kB |
URL GET HTTP/2use.fontawesome.com/f182237388.css IP104.21.27.152:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (1054), with no line terminators Hash38ab6981f2d275f63d6a5e13e551e2ae fed5822d1194a5965a5012005fa4dafd5be9ae2e b029b512b28b1f42efe25a07a756b0d6bd97a071e0845129c8fae7fe288c18a8
GET /f182237388.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: text/css
etag: W/"c34c69a9993e345a33d3899b6f063f04"
last-modified: Fri, 22 Sep 2023 01:40:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzjBFh3T0mXNizJPLiyQUDEh81zDTJYgPQ%2B2L9NdzxyNei08OtRQb%2FvBvhq0Nd2ELhT%2BDBmDSh3p6Pg3Y%2FeFjw59CMhC7DQa8gI6VvIhglnLi9SHaIYm1gfK7TYuQKrXtGw7n4dy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8adda50afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/script/smart.js | 45.141.156.111 | 200 OK | 2.2 kB |
URL GET HTTP/2cerfoben.xyz/1/src/script/smart.js IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typeJavaScript source, ASCII text, with very long lines (2304), with no line terminators Hash79218c8e4d6b9589da61b4daddd1d721 c8bdf2b44db9327ac24f0d02e2aa0bfc69097ab5 db4e31aaf6f2022d9cd8c052537ee237b0b69cd49ab27d6d29913bf401b1ea5a
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/script/smart.js HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-896"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/script/lang.js | 45.141.156.111 | 200 OK | 1.2 kB |
URL GET HTTP/2cerfoben.xyz/1/src/script/lang.js IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typeJavaScript source, ASCII text, with very long lines (1223), with no line terminators Hash00d68d5fcbe959205761ae2eb92bda5a e70670eba70fd9428d8ee7d8acacea623bd72d4f 994454fb2f960994c4f0721e63734138eb06498b18f1236e39d4c66de579b054
Analyzer | Verdict | Alert | urlquery | scam | Scam - Fake AntiVirus / Security software | Quad9 DNS | malicious | Sinkholed |
GET /1/src/script/lang.js HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-485"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cerfoben.xyz/1/src/images/favicon.png | 45.141.156.111 | 200 OK | 12 kB |
URL GET HTTP/2cerfoben.xyz/1/src/images/favicon.png IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typePNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Hasha8bcc7014fe22c103dab669d3965e0da a0112cc92a8581d13108f5dabe4da78e278d7504 3e69c9d5ec6baf33f208f71e44814f58f8b85d903c7988d1074895e63fd3b2a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/src/images/favicon.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: image/png
content-length: 12373
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-3055"
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 45.141.156.111 | 200 OK | 15 kB |
URL User Request GET HTTP/2IP45.141.156.111:443 ASN#206776 Ophidian Network Limited
CertificateIssuerLet's Encrypt Subjectcerfoben.xyz FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5 ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashc6ccdd4d37f89172683c464c14796cb4 62dc901e955418a67bcce640fc93b8579bd68862 00aa0db73faa2b6ddfd0aee7a9c9ca7d05c687448b5f1ecf1c94919d945c961e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /1/7.html HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: text/html
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-3abc"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/f182237388.js | 104.21.27.152 | 200 OK | 9.5 kB |
URL GET HTTP/2use.fontawesome.com/f182237388.js IP104.21.27.152:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (9731), with no line terminators Hash2cacb88151a513dc4eaf4bde78faff7b a4c63129b001af45bd8c1e60a462a87edd9be8e9 2cfdf34668c0492fe9303c1210943aa7f4a5353e4674812bb96c79542802ebf7
GET /f182237388.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: text/javascript
etag: W/"642925e489914ab3dd425cb843636667"
last-modified: Fri, 22 Sep 2023 01:40:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zG4wWzQDHGcOB3kS9UV2AKjNFl%2BRM7F7w%2F3YzsfcuODE0ZAVviZsTsJvUFrTgjZ23quDDoe5mQJoMyEmrbMhsjHbxmQ6POFwAdG3hG3ZuXVgXYbr87BnaQp5qShBsB5aPwyxm2Yu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd897cdb0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 | 104.21.27.152 | 200 OK | 77 kB |
URL GET HTTP/2use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 IP104.21.27.152:443
Requested byhttps://cerfoben.xyz/1/7.html CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRd9%2F3bWUXkNCeKStL56IFY1L1A5yYCfhDeuppUS0WffJ0NjdjFmoVDbDN97uK%2BWhONUdba4WDZJ1%2FWL7l2fRPyPa1YBhmSEFkX2Q3F1de9H9AsW%2B69VhWO8is8PP0CmK%2F17YSI3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8cbec00afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|