IP104.26.9.202:0
File typeASCII text, with no line terminators Hash14380b81da6c1f82d54ddad07bdca87c a72b216e23ce2fd0c275f0c66381255e2b34c1be 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
GET /js/ads.js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImYwQ0ZreG82aWlDeEo1WUtMQnB1UHc9PSIsInZhbHVlIjoiZTNTR2tIUE1QN2RkZnlxVVorSThFR0NmVjR4aDZ5bUJoL29oRlQ0WS9FOGtCVGp5Y1phQXFUeEU1U2NuZ0RkZTU0TmpxMkhidUs4N2Q2WVA5WUsyOG5kNU1BY29iaE80MDh4aEx6OHpGWkxDc05PUW5PaGt1WlhnVzU2RUVyc2MiLCJtYWMiOiIzNTY2NmViM2ViNjZkNTU4MjI4ZTA0MTdjYzc2ZTEyMzIxODYzYjAwM2FjYmM4YzI5NjhmM2NiN2E4ZThkYjhlIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Inh2UnMvbW5kVmlkUndpb3JNbkFqdmc9PSIsInZhbHVlIjoiVnFrT3ZiSmFmOEpIUmpFMCttUHJISG12T3JXS1VQUHU4aTlZSlp6UnJmWGhTUE44ZGZpUzZ5Nlg3Y1Z2SExPKzNXZ093TjArK0pGYittZWY3VFFSYkVuVm5WcVZwTTZvY2k5YlowY1UvQUVxVVh2L1NWOVEzNVF2bi9RSnF0WDciLCJtYWMiOiIwMTJmZGU2MTYxODNiYjYxM2M3OTlhYTZjZDE5OWRjY2Y4MzlmZDgyYzhlNTczNDU1YTYxYWZkOTRiNjlhZWUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:03:13 GMT
content-type: application/javascript
content-length: 19
cf-bgj: minify
cf-polished: origSize=22
etag: "16-60f850cd8071e"
last-modified: Mon, 22 Jan 2024 08:59:40 GMT
cf-cache-status: HIT
age: 985
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7NkXySxHJETFTnnwDfRifCNXBdtos6r%2FLgvfI3%2Blec8dkPV%2BvhIJ72AeiaV9b%2FyjH1IABY3RUyPGVfrWn1bVY9Mg%2BwMyD0Hy9v5W6oajuXZ9PzACNJ8JA7gm9c7xhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766e9e6683a56c6-OSL
alt-svc: h3=":443"; ma=86400
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.79.73 | | 6.6 kB |
URL static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP104.16.79.73:0
File typeJavaScript source, ASCII text, with very long lines (19261), with no line terminators Hash3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:03:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766e9e67e5cb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
| grabify.link/cdn-cgi/rum? | 104.26.9.202 | | 0 B |
URL grabify.link/cdn-cgi/rum? IP104.26.9.202:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 493
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImVNeHpackJmUlcwMnZEbXY2bGFmWkE9PSIsInZhbHVlIjoiTWNUZjd1dGtaU3NSK2xUKzduSDczb2t4c3VGVWIrUmlhd2hjb2RsdzZKOTRxc1JwVnFxc3pDaFpGdFJLckJCcVhlSUR2dGdxOHpqWldlMWtCcFE1UWZTb0tXcVVJanY2LzJmYWRTTVFhaFFrcCtGYXFoRVlmZ1VGaThUYWpTeFMiLCJtYWMiOiIxNGE4M2UyNjYwNzk5MGFjODU2ODBkNzE2NzMwZTFjOGEyNGM3ZjA2ZjY2ZTVjMzc0ZTE3MWIyYWI3MzE3ZGY2IiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Ik1uUDZIczJxLzMwRkpsYVM3L25XdFE9PSIsInZhbHVlIjoiTXJTRVlnY1picVJIY0REK09RU3BmbnNBWEtlUGE0T3ZMVE5TcFhsdHZRdWEybE5uYjhQdDA3Ymk2dWt5aHpEcmltUWE2a0ZIUlFoZDNValpkQmJ6b29kVTkxR1h1cFlCTWJWN1FKY1pyKzNFWmlOcG5laXNINHMyTEVlZEpWWW0iLCJtYWMiOiJhNjQ5MzFkMTU2ZTZjZjQyOGI2ZDI4YTg0NWIwZTFiYWE5MTI1NGY3MWQ0OTgxN2M1OTNkMGEwZjcxOTIyYmZjIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Thu, 18 Apr 2024 19:03:15 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8766e9f3285756c6-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
IP104.26.9.202:0
Hashb36bd517e6bd757dea0fe824a0b11d31 7e86838ac0103a610de5fddb426c2f1ebeb01e42 25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3
POST /api/js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
User-Agents: RnJSQnlrTlJZc3dsUkhvb25hUjlvYjJkVU9McHk5NkRmNjNhc1BjdA==
X-CSRF-TOKEN: FrRBykNRYswlRHoonaR9ob2dUOLpy96Df63asPct
Content-Length: 3370
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImYwQ0ZreG82aWlDeEo1WUtMQnB1UHc9PSIsInZhbHVlIjoiZTNTR2tIUE1QN2RkZnlxVVorSThFR0NmVjR4aDZ5bUJoL29oRlQ0WS9FOGtCVGp5Y1phQXFUeEU1U2NuZ0RkZTU0TmpxMkhidUs4N2Q2WVA5WUsyOG5kNU1BY29iaE80MDh4aEx6OHpGWkxDc05PUW5PaGt1WlhnVzU2RUVyc2MiLCJtYWMiOiIzNTY2NmViM2ViNjZkNTU4MjI4ZTA0MTdjYzc2ZTEyMzIxODYzYjAwM2FjYmM4YzI5NjhmM2NiN2E4ZThkYjhlIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Inh2UnMvbW5kVmlkUndpb3JNbkFqdmc9PSIsInZhbHVlIjoiVnFrT3ZiSmFmOEpIUmpFMCttUHJISG12T3JXS1VQUHU4aTlZSlp6UnJmWGhTUE44ZGZpUzZ5Nlg3Y1Z2SExPKzNXZ093TjArK0pGYittZWY3VFFSYkVuVm5WcVZwTTZvY2k5YlowY1UvQUVxVVh2L1NWOVEzNVF2bi9RSnF0WDciLCJtYWMiOiIwMTJmZGU2MTYxODNiYjYxM2M3OTlhYTZjZDE5OWRjY2Y4MzlmZDgyYzhlNTczNDU1YTYxYWZkOTRiNjlhZWUwIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:03:15 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 10
x-ratelimit-remaining: 5
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImVNeHpackJmUlcwMnZEbXY2bGFmWkE9PSIsInZhbHVlIjoiTWNUZjd1dGtaU3NSK2xUKzduSDczb2t4c3VGVWIrUmlhd2hjb2RsdzZKOTRxc1JwVnFxc3pDaFpGdFJLckJCcVhlSUR2dGdxOHpqWldlMWtCcFE1UWZTb0tXcVVJanY2LzJmYWRTTVFhaFFrcCtGYXFoRVlmZ1VGaThUYWpTeFMiLCJtYWMiOiIxNGE4M2UyNjYwNzk5MGFjODU2ODBkNzE2NzMwZTFjOGEyNGM3ZjA2ZjY2ZTVjMzc0ZTE3MWIyYWI3MzE3ZGY2IiwidGFnIjoiIn0%3D; expires=Fri, 19 Apr 2024 00:03:15 GMT; Max-Age=18000; path=/; secure
g_session=eyJpdiI6Ik1uUDZIczJxLzMwRkpsYVM3L25XdFE9PSIsInZhbHVlIjoiTXJTRVlnY1picVJIY0REK09RU3BmbnNBWEtlUGE0T3ZMVE5TcFhsdHZRdWEybE5uYjhQdDA3Ymk2dWt5aHpEcmltUWE2a0ZIUlFoZDNValpkQmJ6b29kVTkxR1h1cFlCTWJWN1FKY1pyKzNFWmlOcG5laXNINHMyTEVlZEpWWW0iLCJtYWMiOiJhNjQ5MzFkMTU2ZTZjZjQyOGI2ZDI4YTg0NWIwZTFiYWE5MTI1NGY3MWQ0OTgxN2M1OTNkMGEwZjcxOTIyYmZjIiwidGFnIjoiIn0%3D; expires=Fri, 19 Apr 2024 00:03:15 GMT; Max-Age=18000; path=/; secure; httponly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zep6w2IQ7%2F7d3EAqBLpX%2FntdjZAExK9Q3GLckL%2FdNcItxBaDWubKwHyRjZfAlu2xv6OuZmaiUk%2Bza4sybD7BZ4lqtAq3KWzgoFB3X1RF2QIJ%2FVtFG%2Fs92xaYeAOHIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766e9f0dd5c56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: rimworld
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|