| | 76.76.21.98 | 307 Temporary Redirect | 40 B |
URL User Request GET HTTP/2IP76.76.21.98:443
CertificateIssuerLet's Encrypt Subjectwww.url.zip Fingerprint03:9A:21:66:F4:59:76:E0:53:4A:6B:8E:F2:85:F4:FF:5E:9A:C8:5C ValidityWed, 27 Mar 2024 13:44:01 GMT - Tue, 25 Jun 2024 13:44:00 GMT
File typeASCII text, with no line terminators Hasheb0eb2de3a4dbf677090e00cea789cf0 c292a18eb0e29df3e5143f92f7c3fe28373871a1 f66aef31223cca9d36d4e67fd6321aeac192d7723805e4d8d6a53209700c3ecd
GET /b2cf401 HTTP/1.1
Host: www.url.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-type: text/plain; charset=utf-8
date: Sat, 04 May 2024 07:21:38 GMT
location: https://spain2fb.pages.net.br/spain2ydds
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /en/[shortId]
x-vercel-cache: MISS
x-vercel-id: arn1::iad1::wbg5c-1714807298558-882b3e6f602f
content-length: 40
X-Firefox-Spdy: h2
|
|
| spain2fb.pages.net.br/cdn-cgi/styles/cf.errors.css | 104.18.43.16 | 200 OK | 6.5 kB |
URL GET HTTP/3spain2fb.pages.net.br/cdn-cgi/styles/cf.errors.css IP104.18.43.16:443
Requested byhttps://spain2fb.pages.net.br/spain2ydds CertificateIssuerLet's Encrypt Subjectpages.net.br Fingerprint9B:65:DC:1A:3B:3C:01:08:30:AD:F0:F9:3C:6B:D1:4F:B9:93:CE:63 ValidityThu, 11 Apr 2024 04:31:13 GMT - Wed, 10 Jul 2024 04:31:12 GMT
File typegzip compressed data, from Unix Hashb74e17c77700975257213d49ebcf16e5 7d397061ae17e5f1e768c59617ef0d2e4860a8e1 b09f8486c98891a840089789a27bcda8a0255f162316b3ff98c917294602e788
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: spain2fb.pages.net.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spain2fb.pages.net.br/spain2ydds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:21:39 GMT
content-type: text/css
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-5df3"
server: cloudflare
cf-ray: 87e6bc351863b518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 04 May 2024 09:21:39 GMT
cache-control: max-age=7200, public
content-encoding: gzip
|
|
| | 76.76.21.21 | 308 Permanent Redirect | 4.4 kB |
URL User Request GET HTTP/2IP76.76.21.21:443
CertificateIssuerLet's Encrypt Subjecturl.zip Fingerprint92:F6:DC:53:FA:AE:36:42:3D:37:0D:C4:1A:C0:00:25:38:72:DD:20 ValidityWed, 27 Mar 2024 13:32:40 GMT - Tue, 25 Jun 2024 13:32:39 GMT
File typeHTML document, ASCII text, with very long lines (4649), with no line terminators Hashf7456b44a4d991df0ed453b31bbf0b53 c8b1cf34f59b07bd21d5bbcae42fbf79c1ee0186 302723b4a6fcdb05728cb384755be99e6d2eb383c425c2e35d1033fca498b3db
GET /b2cf401 HTTP/1.1
Host: url.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Sat, 04 May 2024 07:21:38 GMT
location: https://www.url.zip/b2cf401
refresh: 0;url=https://www.url.zip/b2cf401
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: arn1::6fkhj-1714807298397-74b1fbce5394
X-Firefox-Spdy: h2
|
|
| spain2fb.pages.net.br/spain2ydds | 104.18.43.16 | 200 OK | 4.4 kB |
URL User Request GET HTTP/2spain2fb.pages.net.br/spain2ydds IP104.18.43.16:443
CertificateIssuerLet's Encrypt Subjectpages.net.br Fingerprint9B:65:DC:1A:3B:3C:01:08:30:AD:F0:F9:3C:6B:D1:4F:B9:93:CE:63 ValidityThu, 11 Apr 2024 04:31:13 GMT - Wed, 10 Jul 2024 04:31:12 GMT
File typeHTML document, ASCII text, with very long lines (4649), with no line terminators Hashf7456b44a4d991df0ed453b31bbf0b53 c8b1cf34f59b07bd21d5bbcae42fbf79c1ee0186 302723b4a6fcdb05728cb384755be99e6d2eb383c425c2e35d1033fca498b3db
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /spain2ydds HTTP/1.1
Host: spain2fb.pages.net.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:21:39 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6bc338be5b4f9-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| spain2fb.pages.net.br/favicon.ico | 104.18.43.16 | 403 Forbidden | 4.5 kB |
URL GET HTTP/3spain2fb.pages.net.br/favicon.ico IP104.18.43.16:443
Requested byhttps://spain2fb.pages.net.br/spain2ydds CertificateIssuerLet's Encrypt Subjectpages.net.br Fingerprint9B:65:DC:1A:3B:3C:01:08:30:AD:F0:F9:3C:6B:D1:4F:B9:93:CE:63 ValidityThu, 11 Apr 2024 04:31:13 GMT - Wed, 10 Jul 2024 04:31:12 GMT
File typeHTML document, ASCII text, with very long lines (4752), with no line terminators Hashf39e442bc754454b1576830d5c61bfeb d38e7735b9fd016f999b94b2630249758486e3ce 29c4898985a40044a79e90503f5de30a9502e9581ce6da22d84f3459ab29a4fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: spain2fb.pages.net.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spain2fb.pages.net.br/spain2ydds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Sat, 04 May 2024 07:21:39 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Sat, 04 May 2024 07:21:54 GMT
set-cookie: __cf_bm=tzAb_WT0E52_Ps8IXBr8XEsmgvuFbx9iUL22YrRyAgk-1714807299-1.0.1.1-ACLr25Z0mNejrXv_cbs4Yp1pAsenlDbvdO5kAYtdSdYhYYB1RdP24kecNOUn9CN1kqXK.8cehB9v4TQsOOFG3g; path=/; expires=Sat, 04-May-24 07:51:39 GMT; domain=.spain2fb.pages.net.br; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e6bc354895b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| spain2fb.pages.net.br/cdn-cgi/images/icon-exclamation.png?1376755637 | 104.18.43.16 | 200 OK | 452 B |
URL GET HTTP/3spain2fb.pages.net.br/cdn-cgi/images/icon-exclamation.png?1376755637 IP104.18.43.16:443
Requested byhttps://spain2fb.pages.net.br/spain2ydds CertificateIssuerLet's Encrypt Subjectpages.net.br Fingerprint9B:65:DC:1A:3B:3C:01:08:30:AD:F0:F9:3C:6B:D1:4F:B9:93:CE:63 ValidityThu, 11 Apr 2024 04:31:13 GMT - Wed, 10 Jul 2024 04:31:12 GMT
File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced Hashc33de66281e933259772399d10a6afe8 b9f9d500f8814381451011d4dcf59cd2d90ad94f f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Sinkholed / Blocked | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: spain2fb.pages.net.br
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://spain2fb.pages.net.br/cdn-cgi/styles/cf.errors.css
Cookie: __cf_bm=tzAb_WT0E52_Ps8IXBr8XEsmgvuFbx9iUL22YrRyAgk-1714807299-1.0.1.1-ACLr25Z0mNejrXv_cbs4Yp1pAsenlDbvdO5kAYtdSdYhYYB1RdP24kecNOUn9CN1kqXK.8cehB9v4TQsOOFG3g
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:21:39 GMT
content-type: image/png
content-length: 452
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: "66310c39-1c4"
server: cloudflare
cf-ray: 87e6bc3558a2b518-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sat, 04 May 2024 09:21:39 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
|
|