| ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | 142.250.74.42 | 200 OK | 33 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js | IP: 142.250.74.42:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32769) | Hash: MD5 ddb84c1587287b2df08966081ef063bf; SHA-1 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f; SHA-256 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:47:11 GMT
expires: Fri, 02 May 2025 02:47:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 257544
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-light.woff | 2.18.172.165 | 200 OK | 18 kB |
URL: GET HTTP/2 img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-light.woff | IP: 2.18.172.165:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: DigiCert Inc; Subject: img.ui-portal.de; Fingerprint: 08:99:FE:75:41:6F:09:D0:44:0F:99:57:49:77:38:72:97:18:8C:03; Validity: Mon, 08 Apr 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 18080, version 1.0 | Hash: MD5 7d3616c7d04a9ae474875e42c4bc0496; SHA-1 4d0137dd6f1e5325eb3ba3e7bc4d577e68c75d46; SHA-256 7676e0d97793004054c4ec3e7cbd2d98c52fabc90479b7e3d5cfbb62f4e7a5af
GET /ci/webde/global/fonts/web.de-sans/web.de-sans-light.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://randmmineenisnosnnoif.pages.dev/
Origin: https://randmmineenisnosnnoif.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
last-modified: Tue, 30 Jun 2015 08:59:54 GMT
etag: "46a0-519b86e043680-gzip"
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=543656
date: Sun, 05 May 2024 02:19:35 GMT
content-length: 18080
X-Firefox-Spdy: h2
|
|
| img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.woff | 2.18.172.165 | 200 OK | 18 kB |
URL: GET HTTP/2 img.ui-portal.de/ci/webde/global/fonts/web.de-sans/web.de-sans-medium.woff | IP: 2.18.172.165:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: DigiCert Inc; Subject: img.ui-portal.de; Fingerprint: 08:99:FE:75:41:6F:09:D0:44:0F:99:57:49:77:38:72:97:18:8C:03; Validity: Mon, 08 Apr 2024 00:00:00 GMT - Mon, 07 Apr 2025 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 18052, version 1.0 | Hash: MD5 99eafbdc5f638d2fec6e869e5005f8f9; SHA-1 9f8f73605e41dc0eef8b5f5a46d3906716a7b3a5; SHA-256 01e773facc13e915276219573795dcf3f2a0fe00fca0841af95b21769872ff48
GET /ci/webde/global/fonts/web.de-sans/web.de-sans-medium.woff HTTP/1.1
Host: img.ui-portal.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://randmmineenisnosnnoif.pages.dev/
Origin: https://randmmineenisnosnnoif.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
last-modified: Tue, 30 Jun 2015 08:59:54 GMT
etag: "4684-519b86e043680-gzip"
x-robots-tag: noindex
access-control-allow-origin: *
content-type: font/woff
vary: Accept-Encoding
cache-control: public, max-age=543707
date: Sun, 05 May 2024 02:19:35 GMT
content-length: 18052
X-Firefox-Spdy: h2
|
|
| api.ipify.org/?format=json | 104.26.13.205 | 200 OK | 21 B |
URL: GET HTTP/2 api.ipify.org/?format=json | IP: 104.26.13.205:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: ipify.org; Fingerprint: C8:1A:05:47:C5:73:C6:CE:DF:1D:A6:DE:00:11:A9:9A:8C:DB:EF:A7; Validity: Thu, 21 Mar 2024 19:56:02 GMT - Wed, 19 Jun 2024 19:56:01 GMT
Hash: MD5 7d69c71af0f191e9a72db6153f8018d1; SHA-1 f67c5f2887bc05654b47f76e9621e53a4091aed1; SHA-256 5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/
Origin: https://randmmineenisnosnnoif.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 02:19:35 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: *
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87ed3f1b080a5699-OSL
X-Firefox-Spdy: h2
|
|
| randmmineenisnosnnoif.pages.dev/css/ua-parser.min.js | 172.66.44.146 | 200 OK | 20 kB |
URL: GET HTTP/3 randmmineenisnosnnoif.pages.dev/css/ua-parser.min.js | IP: 172.66.44.146:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: randmmineenisnosnnoif.pages.dev; Fingerprint: 39:7D:2E:1B:80:99:39:C1:EB:EC:5E:D2:11:C6:34:F5:6E:56:C2:7F; Validity: Sat, 04 May 2024 11:05:22 GMT - Fri, 02 Aug 2024 11:05:21 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (314), with CRLF line terminators | Hash: MD5 ca3cc054c864b363084231991e4da6e2; SHA-1 51c448161c05877374f88f5c838a01e9abdc45ec; SHA-256 764d6e025797264c4aa4046b939bb54770c0f1009eac4832502c38ccdf050df0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/ua-parser.min.js HTTP/1.1
Host: randmmineenisnosnnoif.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:19:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c76b32fe2f67ed0d8dfddc3b2a1312b4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckHbVRt4skYuazsSLYIgSxSbPYaDxqaW4ofsJldUkDRtyariLw%2Bahc08SV0VmjtYCdI7%2FgFdbSWiluzTl6hnOA%2FAk6cRm8IXxzSknrKyyilTCVgz%2BVc9vQaO2%2FuEwoxoPTIs%2BMeScQWraaKIH2FFArVF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed3f16d84356bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| randmmineenisnosnnoif.pages.dev/favicon.ico | 172.66.44.146 | 200 OK | 12 kB |
URL: GET HTTP/3 randmmineenisnosnnoif.pages.dev/favicon.ico | IP: 172.66.44.146:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: randmmineenisnosnnoif.pages.dev; Fingerprint: 39:7D:2E:1B:80:99:39:C1:EB:EC:5E:D2:11:C6:34:F5:6E:56:C2:7F; Validity: Sat, 04 May 2024 11:05:22 GMT - Fri, 02 Aug 2024 11:05:21 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (3617), with CRLF line terminators | Hash: MD5 031c8821dca77e6af6f127ca9712a9f6; SHA-1 c4a98c81c32e8205c4a25ab18682af3be9b4a0ac; SHA-256 956997564b1425028806714c90287116cd40dbecf8b7b5ce3963269c4640b522 (note: the body is HTML served as text/html, not an icon, and its ETag equals that of the /robots.txt response, so the host apparently returns the same page for both paths)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: randmmineenisnosnnoif.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 02:19:35 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"216905f57fa59d29407ecbc6ac07a512"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtPWsdesf9uKGYs%2FHS9dLdmoYu%2F2pEftMNK%2FpX%2BiGj%2Bkcz8dSXbI2WQ%2B8gn34KuyCGxfvl6lsybjKHJe2Imor4vg1Iva3ghQ60AgiDf0t3HT9WJVPvdZWZ2hVWE%2FudKSXyT%2FxEf2K3ve1l2XqTQHAw5S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed3f1ae99b56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| randmmineenisnosnnoif.pages.dev/css/iwerr7.css | 172.66.44.146 | 200 OK | 61 kB |
URL: GET HTTP/3 randmmineenisnosnnoif.pages.dev/css/iwerr7.css | IP: 172.66.44.146:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: randmmineenisnosnnoif.pages.dev; Fingerprint: 39:7D:2E:1B:80:99:39:C1:EB:EC:5E:D2:11:C6:34:F5:6E:56:C2:7F; Validity: Sat, 04 May 2024 11:05:22 GMT - Fri, 02 Aug 2024 11:05:21 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these are the digests of zero-length input although the response is listed as 61 kB, so the body was evidently not hashed; they match any empty file and are not usable as indicators for this resource)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/iwerr7.css HTTP/1.1
Host: randmmineenisnosnnoif.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:19:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"913361259c5be24a5dff7650edb8c128"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZ7v0wgfFda6mn0C0X1%2FVFsx1F3m6JAZSn%2BxPqX5FULOtJrERz1cXEVOTgOuJMkuhKBOqH43na%2By7bEowLS84y1jld3XmYnNdaKmIwwNCsXn1vw0lpne89V89JWA6dY1kfDGyna2GQg96J%2BuZYOTwPWr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed3f16d84256bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| randmmineenisnosnnoif.pages.dev/css/tgfiles.js | 172.66.44.146 | 200 OK | 561 B |
URL: GET HTTP/3 randmmineenisnosnnoif.pages.dev/css/tgfiles.js | IP: 172.66.44.146:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: randmmineenisnosnnoif.pages.dev; Fingerprint: 39:7D:2E:1B:80:99:39:C1:EB:EC:5E:D2:11:C6:34:F5:6E:56:C2:7F; Validity: Sat, 04 May 2024 11:05:22 GMT - Fri, 02 Aug 2024 11:05:21 GMT
File type: ASCII text, with very long lines (636), with no line terminators | Hash: MD5 72cb92df9a2346b07dd60333225fda92; SHA-1 b5ad61fc46ffc4a3c38405fb778d1ce4d347202b; SHA-256 f53b1f1dc5b3ddb95ae7471f173367ca30d5e0abdd61b55ec5cf11ac90d38d65
Analyzer: urlquery | Verdict: suspicious | Alert: Suspicious - Suspicious Javascript code || Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/tgfiles.js HTTP/1.1
Host: randmmineenisnosnnoif.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:19:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0986bbeb5334cef96d9f7436b32f734e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuDmlfe%2BhcpvqNGAV%2BAPNp0ryWpRfVwQyQf%2Fy61K0tIEZULoSmPfIh2JD6M3t1hZTrpS9wM3sFg0NTmhYRCZRvCVFVHzWW8iVWCGIMpIYbWUdJmgcEUsiQdF8ExQuK%2BjVEkqUNz5%2F3llAHJUxzYno4XK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed3f16d84456bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ipapi.co/91.90.42.154/json | 172.67.69.226 | 200 OK | 744 B |
URL: GET HTTP/2 ipapi.co/91.90.42.154/json | IP: 172.67.69.226:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Let's Encrypt; Subject: ipapi.co; Fingerprint: F4:65:F9:9B:26:CD:26:53:C7:F0:24:4D:F3:3B:E2:8E:8F:8F:60:D7; Validity: Sat, 09 Mar 2024 17:29:09 GMT - Fri, 07 Jun 2024 17:29:08 GMT
File type: ASCII text, with very long lines (870), with no line terminators | Hash: MD5 f55d46bc645189e127961c66c5efb9b4; SHA-1 6ae674e090a2e80a4d512a8848ab34d7c11b65bc; SHA-256 6cb703f7995717251d724238bca09c5dc99a14d99aafd1836fc59ada3d36101f
GET /91.90.42.154/json HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/
Origin: https://randmmineenisnosnnoif.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 02:19:36 GMT
content-type: application/json
allow: HEAD, GET, OPTIONS, POST, OPTIONS
x-frame-options: DENY
vary: Host, origin
access-control-allow-origin: https://randmmineenisnosnnoif.pages.dev
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cNvGkuHH2OpHsNUOcTwdGGLytb51rP1YDnN7ogZoCvaKwQIWE0myfqgjysRBfNYSKkOKatnCYQbEro3ZPXiDjTA5vpnRWrUqrH7mtmaxraV%2F9mhCNuXF19i7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed3f1cbb27b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| randmmineenisnosnnoif.pages.dev/robots.txt | 172.66.44.146 | 200 OK | 13 kB |
URL (User Request): GET HTTP/2 randmmineenisnosnnoif.pages.dev/robots.txt | IP: 172.66.44.146:443
Certificate: Issuer: Google Trust Services LLC; Subject: randmmineenisnosnnoif.pages.dev; Fingerprint: 39:7D:2E:1B:80:99:39:C1:EB:EC:5E:D2:11:C6:34:F5:6E:56:C2:7F; Validity: Sat, 04 May 2024 11:05:22 GMT - Fri, 02 Aug 2024 11:05:21 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these are the digests of zero-length input although the response is listed as 13 kB, so the body was evidently not hashed; they match any empty file and are not usable as indicators for this resource)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /robots.txt HTTP/1.1
Host: randmmineenisnosnnoif.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 02:19:34 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"216905f57fa59d29407ecbc6ac07a512"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShOD2naT2taaSKGuiLZVvFWmB6UAIi6a8U6w7gslqGPxTanAYPafJoFRkYedQptwmTMDkRNB7uGMTqtxZJzslrK2%2Bx5k9o1vj9ca7iVfX02LccU%2FL3TSSA1%2FN1ryb6b59g4bI5YE5TgwgIafcMYyx0dC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed3f143d2156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| randmmineenisnosnnoif.pages.dev/css/neat.js | 172.66.44.146 | 200 OK | 4.3 kB |
URL: GET HTTP/3 randmmineenisnosnnoif.pages.dev/css/neat.js | IP: 172.66.44.146:443
Requested by: https://randmmineenisnosnnoif.pages.dev/robots.txt | Certificate: Issuer: Google Trust Services LLC; Subject: randmmineenisnosnnoif.pages.dev; Fingerprint: 39:7D:2E:1B:80:99:39:C1:EB:EC:5E:D2:11:C6:34:F5:6E:56:C2:7F; Validity: Sat, 04 May 2024 11:05:22 GMT - Fri, 02 Aug 2024 11:05:21 GMT
File type: JavaScript source, ASCII text, with very long lines (4645), with no line terminators | Hash: MD5 ebbc486f1e2e7f4513775072ba334668; SHA-1 9a5e24d8bcc2c8451ae9a42f049a31b8cbc407a6; SHA-256 e4cd7696516e5d4de7de5dfb338a561053d1f51419e9344e0aa0b5c679021cb3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/neat.js HTTP/1.1
Host: randmmineenisnosnnoif.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://randmmineenisnosnnoif.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 02:19:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ecce696794c11130c70e4e1f5d9c6e0b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIMqDOOpB%2BrGgt97wQWB1QXoJeDGuJpb%2Fatti3rV78ZCSN6aR85AIpEhVRtGoglrZZqDh0L%2F%2BT6gxlL%2FjaDeW%2BFg%2BPC0Z0m5kIx6NmGRIRCjEpocA2%2BL%2BvrB6v0CsgcPB3Ylh%2BlMWMzwTGWtVNNre4Nw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed3f16d84556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|