144.208.68.185 301 Moved Permanently 0 B URL User Request GET HTTP/2 IP 144.208.68.185:443
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
vary: Accept-Encoding,Cookie,User-Agent
x-redirect-by: WordPress
location: https://youaresorandom.com/
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 06:33:23 GMT
server: Apache
X-Firefox-Spdy: h2
144.208.68.185 301 Moved Permanently 0 B URL User Request GET HTTP/2 IP 144.208.68.185:443
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Thu, 18 Apr 2024 06:33:25 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,User-Agent
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://youaresorandom.com/
Content-Length: 0
Keep-Alive: timeout=3, max=100
Content-Type: text/html; charset=UTF-8
144.208.68.185 200 OK 9.9 kB URL User Request GET HTTP/2 IP 144.208.68.185:443
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (15258)
Hash c1811393466aa8f23146cf9e213e2247
2f499e0e171933d43194152c73a48410bb57a622
60864af74059289e303983730a0a0a7fe6d6fc9fbbe3afe4ec399e25e4583336
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,Cookie,User-Agent
link: <https://youaresorandom.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
content-length: 9856
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 06:33:28 GMT
server: Apache
X-Firefox-Spdy: h2
144.208.68.185 200 OK 9.9 kB URL User Request GET HTTP/2 IP 144.208.68.185:443
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (15258)
Hash a6715e91e262fb34130630ad540a69d5
32a60d88757e65f6c1e062b7abf9a4e847ae92b1
7889f1fe0c49df8a2f11b14ab770b9ea3960937320dd85ed645285955744aa0f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 06:33:30 GMT
Server: Apache
Vary: Accept-Encoding,Cookie,User-Agent
Cache-Control: max-age=3, must-revalidate
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 9860
Keep-Alive: timeout=3, max=100
Content-Type: text/html; charset=UTF-8
youaresorandom.com/wp-content/themes/upsidedown/style.css?ver=1.0.5
144.208.68.185 200 OK 764 B URL GET HTTP/2 youaresorandom.com/wp-content/themes/upsidedown/style.css?ver=1.0.5
IP 144.208.68.185:443
Requested by https://youaresorandom.com/
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
Hash 5bfc72629f6b5ccc96917eb9b82a2a7b
b5c8b24164ad49acf2d39bf93716d122fbf058bc
ed52a6609a3d67486ef3af286e4dafb442c66ad274ecd1c915b39347ed8b78a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/upsidedown/style.css?ver=1.0.5 HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youaresorandom.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Apr 2024 23:01:17 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 764
content-type: text/css
date: Thu, 18 Apr 2024 06:33:31 GMT
server: Apache
X-Firefox-Spdy: h2
youaresorandom.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
144.208.68.185 200 OK 5.1 kB URL GET HTTP/2 youaresorandom.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
IP 144.208.68.185:443
Requested by https://youaresorandom.com/
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (15752)
Hash b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.2 HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youaresorandom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Apr 2024 23:13:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5062
content-type: application/javascript
date: Thu, 18 Apr 2024 06:33:31 GMT
server: Apache
X-Firefox-Spdy: h2
youaresorandom.com/wp-content/themes/upsidedown/assets/fonts/roboto_700.ttf
144.208.68.185 200 OK 96 kB URL GET HTTP/2 youaresorandom.com/wp-content/themes/upsidedown/assets/fonts/roboto_700.ttf
IP 144.208.68.185:443
Requested by https://youaresorandom.com/
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type gzip compressed data, from Unix
Hash dd44ad69608db139e3414cdddda028b3
fca247e22051214e4cddf0b8dc8ffeb87ccbd2a4
3bed674d19f41c089619b901b4dd0a5827cc57dea86734f2ee8629f93ab74671
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/upsidedown/assets/fonts/roboto_700.ttf HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youaresorandom.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Apr 2024 23:01:17 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/ttf
date: Thu, 18 Apr 2024 06:33:31 GMT
server: Apache
X-Firefox-Spdy: h2
youaresorandom.com/favicon.ico
144.208.68.185 302 Found 0 B URL GET HTTP/2 youaresorandom.com/favicon.ico
IP 144.208.68.185:443
Requested by https://youaresorandom.com/
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youaresorandom.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
vary: Accept-Encoding,Cookie,User-Agent
link: <https://youaresorandom.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://youaresorandom.com/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 06:33:31 GMT
server: Apache
X-Firefox-Spdy: h2
youaresorandom.com/wp-includes/images/w-logo-blue-white-bg.png
144.208.68.185 200 OK 4.1 kB URL GET HTTP/2 youaresorandom.com/wp-includes/images/w-logo-blue-white-bg.png
IP 144.208.68.185:443
Requested by https://youaresorandom.com/
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://youaresorandom.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 12:34:02 GMT
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Thu, 18 Apr 2024 06:33:33 GMT
server: Apache
X-Firefox-Spdy: h2
youaresorandom.com/wp-content/themes/upsidedown/assets/fonts/roboto_regular.ttf
144.208.68.185 200 OK 168 kB URL GET HTTP/2 youaresorandom.com/wp-content/themes/upsidedown/assets/fonts/roboto_regular.ttf
IP 144.208.68.185:443
Requested by https://youaresorandom.com/
Certificate Issuer cPanel, Inc.
Subject youaresorandom.com
Fingerprint D3:B5:1F:D7:54:AA:83:E2:88:D0:E5:27:97:BB:BC:2F:49:5D:93:8B
Validity Fri, 01 Mar 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob
Size 168 kB (168260 bytes)
Hash 8a36205bd9b83e03af0591a004bc97f4
56c5c0d38bde4c1f1549dda43db37b09c608aad3
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/upsidedown/assets/fonts/roboto_regular.ttf HTTP/1.1
Host: youaresorandom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youaresorandom.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 03 Apr 2024 23:01:17 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: font/ttf
date: Thu, 18 Apr 2024 06:33:31 GMT
server: Apache
X-Firefox-Spdy: h2