| cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:17:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 236556
expires: Tue, 08 Apr 2025 11:17:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y6A9fYRjUowsXeePoClditXIFmQHDdOSJY2P1z8TYcAywMKFmhCb5NCnuTeUCTCBFRLBZvSwf6b42hz6%2FbSymRgJFREOygs0q9iGrjeazQzHX7T6IkNgTn0kevi9MeISpwZuh%2Bhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87643fa36ed1b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ng.nairaintheget.xyz/6/Wow_files/env_prize.png | 172.67.179.157 | 200 OK | 28 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/env_prize.png
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: PNG image data, 257 x 184, 8-bit/color RGBA, non-interlaced
Hash: 810629e8af79cea550fe80b331ceb34e 9b76c8d9e49438dfa4b19a4534bba147cd486875 f0167c5e70765299536011353e73eae70f126629bb5e9b3b2b8f05378fc55a61
GET /6/Wow_files/env_prize.png HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:28 GMT
content-type: image/png
content-length: 27988
x-amz-id-2: OxASUpLdiD1JGpAoZKbQj6b+NMWYU4UIfl8RszGItKMgLOjB0CbAwwDwny6pmmuMuGOseQc/qu0=
x-amz-request-id: HV2XP1688C9T8026
last-modified: Sun, 11 Feb 2024 15:00:01 GMT
etag: "810629e8af79cea550fe80b331ceb34e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Ad2eJV5jK7vJruMpz6bj%2BiheKkIPE0dPGI5g7lsMTdbPbVkAvcBkDBHWm3se53u60ttzN0wM7xerAv7juZzRsZxN9ziJy07Kt1CT%2FvpmHqdbPxhq3L6dsIEmBYhiwZx5nIjveq59Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa36cac569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ng.nairaintheget.xyz/6/Wow_files/env_closed.png | 172.67.179.157 | 200 OK | 2.3 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/env_closed.png
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: PNG image data, 257 x 184, 8-bit colormap, non-interlaced
Hash: 57cffe641003f9a80834df4f706d16c3 900af1f1f75f11f547bf4bab2f9f88f0b3b0c38d fd0a52dab9715198deaac93ec52117c0443279db1ed9b186790806d7542e98aa
GET /6/Wow_files/env_closed.png HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:28 GMT
content-type: image/png
content-length: 2283
x-amz-id-2: 1b5oeiaeZwEB0/vrfPfrmzzuqRZtToFLzuNnvU6ZBHD2ZiwRTmazdU7kB3AJIQOvbsmZl98aUoI=
x-amz-request-id: 4F4JE4E1D8T6CMP9
last-modified: Sun, 11 Feb 2024 14:59:58 GMT
etag: "57cffe641003f9a80834df4f706d16c3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LyRX9FgRFYWV6O0F5J%2B3Mn0ztkFu2gqS3Qf%2BsfT%2FDd%2B%2BdrT%2FTsqC82sJ7eO4KjeJB7OnW2y1%2Bqt%2BULOO%2B2pC3ozxe%2BFNCTj89V2jnQQkVPQsMCK4w6gghV2%2FcrNxr%2BnA%2FaQFCLwIUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa35c96569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| woudaufe.net/zone?&pub=0&zone_id=5615385&is_mobile=false&domain=ng.nairaintheget.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=04f53510-face-4dab-9b38-b15bbe793e97&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 woudaufe.net/zone?&pub=0&zone_id=5615385&is_mobile=false&domain=ng.nairaintheget.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=04f53510-face-4dab-9b38-b15bbe793e97&action=prerequest
IP: 139.45.197.251:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Let's Encrypt
Certificate Subject: woudaufe.net
Certificate Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5
Certificate Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=5615385&is_mobile=false&domain=ng.nairaintheget.xyz&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=04f53510-face-4dab-9b38-b15bbe793e97&action=prerequest HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-length: 0
x-trace-id: 89d166612b1601690def36e5c85b2714
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ng.nairaintheget.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 470
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 2bfd65e73a25f02224bf78977ad53929
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ng.nairaintheget.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 472
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b29ab65f6ee6679df605bcbb5ea0eb84
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ng.nairaintheget.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Let's Encrypt
Certificate Subject: jouteetu.net
Certificate Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
Certificate Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 473
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 495af21d4f8cf28d01d25bf1f1d4cc2c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ng.nairaintheget.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Let's Encrypt
Certificate Subject: amunfezanttor.com
Certificate Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
Certificate Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ng.nairaintheget.xyz/
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ng.nairaintheget.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| ng.nairaintheget.xyz/6/Wow_files/nig1.jpg | 172.67.179.157 | 200 OK | 254 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/nig1.jpg
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Converted from WebP to JPG using ezgif.com", baseline, precision 8, 1200x1200, components 3
Size: 254 kB (253688 bytes)
Hash: 1531c7fdd75b339d29da825611e2753d f4231edead77493063bf5e93b6cf18f5ef25c16e 9ce9caf4ab2995de82c7fe2b15ed17b3da80171149c691e6a042a9d13721a05b
GET /6/Wow_files/nig1.jpg HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/Wow_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: image/jpeg
content-length: 253688
x-amz-id-2: DeIyt8yCbWJwxYHXB/p6M+KaYzrxJeP5LFaW+v/nMhQOEKbovnAP+Ixf83C4rc/dX2nBKH10TuY=
x-amz-request-id: 0B4BMRB8VRRWE2BE
last-modified: Sun, 11 Feb 2024 15:00:16 GMT
etag: "1531c7fdd75b339d29da825611e2753d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgiKFno7z7xHtuaxaLbxKR2GthDfXceRCMbyBS8s59KqXGel8QNI6YsjaR6jqgrrCEDZjpNYuVzMfJlKd1Q12pkaCAnKgQysAp8i%2By3K4pRWinUhcYkxPutVAe035RTA3gOU5zOWkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa7cbf6569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ng.nairaintheget.xyz/6/Wow_files/ng2.jpg | 172.67.179.157 | 200 OK | 19 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/ng2.jpg
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 600x416, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: b42bcb9c4989e82773642eb876eeeb6f d1e76811c62211b7cff8191a7339244a2b9d7e7a 841d59cdcc060e3366a5cb3381ef4d8e0b09a06d5231b07f244a62b6f856a34b
GET /6/Wow_files/ng2.jpg HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/Wow_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: image/jpeg
content-length: 18728
x-amz-id-2: Q13Z8v06FMhFnQv9VGMfTblG1///Nstmdfwk2q6WqbRg/wxQ1Q1/3L/6Xk0QquBG4J9wJzp7tIw=
x-amz-request-id: MTVWND1R48V5T672
last-modified: Sun, 11 Feb 2024 15:00:09 GMT
etag: "b42bcb9c4989e82773642eb876eeeb6f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2waoulRcLAHFaVl8qJGLitpvqtU5X8aq3K4fJ4TzyGXtXaFw7aNcu2DmDzXNTrgyIAm03Oy0sCJixpYQt%2BTvBtWHm0ikm4%2F5YUflCWV0xWEq87Q9%2BUBIJu45mEHeYYMMmEECRUfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa7cbf4569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ng.nairaintheget.xyz/6/Wow_files/ng4.jpg | 172.67.179.157 | 200 OK | 8.0 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/ng4.jpg
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=1], baseline, precision 8, 275x183, components 3
Hash: 13927e3f3e1e9dd4da043478a2426bfe ebab60939afabda4d6730f3b8dfa7061fe133acb bbbc1fe136c12a17974ed20f7ecd8224ab912ab65c518f745c45a0beae377ccc
GET /6/Wow_files/ng4.jpg HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/Wow_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: image/jpeg
content-length: 8037
x-amz-id-2: J+vovKtdwic2GrXL1XqFXP4rm9CoYDSiffPFOIkk5WDdwX2SUzL5k55mBKnlSIxjW+s53jXWIn8=
x-amz-request-id: 57CK202SBQKFB2DD
last-modified: Sun, 11 Feb 2024 15:00:12 GMT
etag: "13927e3f3e1e9dd4da043478a2426bfe"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXux79%2FWSxH0vv7EFn9ZCVL2GOkNriRudoMg2lcpxdL437VPBJqka3SUdCFnd%2FBQJ5rwdJ8kORi2vUl4Ba0Xd%2F1gbg1%2BR%2BFkutxcsNuwU6CunkiBEuS%2BoGHzGrwFQTkW7Cg47mcwjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa7dc05569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Let's Encrypt
Certificate Subject: amunfezanttor.com
Certificate Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
Certificate Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: 6507dff9c52dc98c12f9d491774447cf 668d0d49566a22a5b56008298ea9c11b02e02d82 d7ddbc57bb2263113415d89ceed0216c56ef6c22f9ec34ca65f539e3347e8a30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ng.nairaintheget.xyz/
Content-Type: application/json
Content-Length: 1088
Origin: https://ng.nairaintheget.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ng.nairaintheget.xyz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ng.nairaintheget.xyz/6/Wow_files/Jerry-Ojumah.png | 172.67.179.157 | 200 OK | 888 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/Jerry-Ojumah.png
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: PNG image data, 1440 x 960, 8-bit/color RGB, non-interlaced
Size: 888 kB (887466 bytes)
Hash: 78e4bed7dc12ad7964c289ca9d02ae26 9ebc3cb02a5cf660d691f846fbcd06dd33e5c055 922f3463136ddfcffde76c37b3e0ed509038a49a71bde0aea65da6a7f6b107c4
GET /6/Wow_files/Jerry-Ojumah.png HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/Wow_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: image/png
content-length: 887466
x-amz-id-2: Zr9XeDtbD8SBRuWmYbcZfZE72F0p6I+TiWVhVCOc8EY2+YDaYxKt9hz3/Ff54mxvzw0ChpDHmzY=
x-amz-request-id: 0B40WPHVX9JCJ0MA
last-modified: Sun, 11 Feb 2024 15:00:05 GMT
etag: "78e4bed7dc12ad7964c289ca9d02ae26"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FNzVC9hzaGqZcnQNeWeg3uuWDrWy9yIKFpXAgpm8gHYs0Q7ZVHk9%2BHv8Vp%2Bo7roHNLOOyWQNK1%2FkcMsooDS1QH5YGqcehVgc%2B2KLhzKdi7vomykjUjuWinuN45PwbSCTPEBkSM3BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa7cbf3569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ng.nairaintheget.xyz/6/Wow_files/nigflag.png | 172.67.179.157 | 200 OK | 14 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/nigflag.png
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Hash: 4f0ce3ee8974b1568fc18bada517b418 86ac212f10d86689245130a3c2921b29c760be2a f73f1dea5d1e1817f2399e7a292145d1dba84be26326ea00aae9fbe4b1a487fb
GET /6/Wow_files/nigflag.png HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/Wow_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: image/png
content-length: 13527
x-amz-id-2: p35ldClcFezqwMqI6BCj7WMxnvpiE4hh25QsDa56v8+D63NtZU93GxIF/oUHOHXauVG86eTFO5U=
x-amz-request-id: 57CG7KN24XNN4DDK
last-modified: Sun, 11 Feb 2024 15:00:17 GMT
etag: "4f0ce3ee8974b1568fc18bada517b418"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJYYRW8TMN%2BYa%2FS4Of0bdauUwyj3xbu87i2PxXI%2FB6tsPWZqkw8%2F%2B4t9Ja5X%2BHkWcoSlBoCOlvWc8JzyEpMTXe%2FR0g5yk58Q0zR21ZyYxqcUde3zG%2BKB8kr5Jrwn1tEMo%2Fa8oB9PvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa7cbf0569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ng.nairaintheget.xyz/6/Wow_files/nh3.png | 172.67.179.157 | 200 OK | 199 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/nh3.png
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: PNG image data, 289 x 285, 8-bit/color RGBA, non-interlaced
Size: 199 kB (199315 bytes)
Hash: 1065ebed25d5896df0fb704d40906574 54ecd5fd8bb72389205a1fe8148229e3af765c31 0e353e4dfcc946ec5be8c36670ef399d0960da2382f143d48f2d87f02e7e00f5
GET /6/Wow_files/nh3.png HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/Wow_files/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: image/png
content-length: 199315
x-amz-id-2: OgrcWSViGUTBPlQsKpVmu+LfruM1f5r0OB2fcHMCtaXslMq60P7iP6JO+rKFoskI6x0DKOKngbs=
x-amz-request-id: 57CPVYJCFR25486H
last-modified: Sun, 11 Feb 2024 15:00:14 GMT
etag: "1065ebed25d5896df0fb704d40906574"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fy52X4sVb2cmU9%2B7wHPUeLopr2L67R180JdFli2xsHPOxGXfXgmCuYtn5ms2ttnEJj4AFOGOG4F7uRKQoJyVxY9cUjRD4tuJdqHh%2FaJGvGG6S5WbhYlOstFYKqsvsseFmNdEhAQqgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa7dbfb569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ng.nairaintheget.xyz/6/Wow_files/bckbton.js | 172.67.179.157 | 200 OK | 833 B |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/bckbton.js
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: nairaintheget.xyz
Certificate Fingerprint: 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6
Certificate Validity: Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: JavaScript source, ASCII text, with very long lines (901), with no line terminators
Hash: 3583bb84d6ebeca4aafb06d6c94e4687 0bb76fca357356abe66354240e43c42a2514b399 426cac7803821ba2a61d9a2673490bd48cf41faa467bc8755abb6a5b8da1ba23
GET /6/Wow_files/bckbton.js HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:28 GMT
content-type: application/javascript
x-amz-id-2: /KoKp9RSMo1qo6BjNlCAdlU62IS/65w3xDgbxoQSLXDUTW7sjIZhFUeduy6oRO4CQgmDB36DJYQ=
x-amz-request-id: HV2MM16GTWDKZK0D
last-modified: Sun, 11 Feb 2024 14:59:56 GMT
etag: W/"6d1333b717d1eabeccff8b713f875b40"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=If0wGxcJRAu6X3h%2BUVKFPjLVxU3RD8muBcX5rmTxLgOcgYmwyU7ZnmY5y6%2FPzmVm6qjkrPD%2Bk1Jm13xiZkZRzSlQBB511tlPCHrnKOWBxCQlCSah1hP3tIZZOfyEuRaSnixjPKH%2FpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa36cad569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| ng.nairaintheget.xyz/favicon.ico | 172.67.179.157 | 404 Not Found | 539 B |
URL: GET HTTP/3 ng.nairaintheget.xyz/favicon.ico
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate: Issuer Google Trust Services LLC; Subject nairaintheget.xyz; Fingerprint 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6; Validity Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: HTML document, ASCII text, with very long lines (559), with no line terminators
Hash: 7726b756f40eff68e7cad513b411487a 9f992b52498bd6e4aa3965c68d15f028a5362a1b a0ac7c3768aca15437196444ffc741f5f0efe672a17f8788e3bb476cba8b7aa8
GET /favicon.ico HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: text/html; charset=utf-8
x-amz-request-id: 57CVACRYC76PZEZZ
x-amz-id-2: M5jngA9nZElP8xczQNRlP+r4v3LpznARsSwmFUQVgjzuRfdj2bldtMmDx9CjrCZIu+NDPVGlC9E=
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3eX14iJ832X7rfaUUjkzvK48fnNLl6mN2a2dPEtD0p7d%2BwFCrjQkUHVo8nC0jAeh5b%2BJqRbJfh8K5DVlUQZtr5MBcY8eZ7BTO5040trsJJfkFdIc3yFNuyANEjjflfq9lAZ%2BxFL4Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fab9b43569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| woudaufe.net/pfe/current/micro.tag.min.js?z=5615385&sw=/sw-check-permissions-30a34.js | 139.45.197.251 | 200 OK | 36 kB |
URL: GET HTTP/2 woudaufe.net/pfe/current/micro.tag.min.js?z=5615385&sw=/sw-check-permissions-30a34.js
IP: 139.45.197.251:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate: Issuer Let's Encrypt; Subject woudaufe.net; Fingerprint 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5; Validity Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
File type: JavaScript source, ASCII text, with very long lines (36528), with no line terminators
Hash: b64d3763f9aa99e7edc76dc0dd29d030 9b5d6da9384fe75fcc5a4f79ad2cde0399bfd523 e64712048ba884038027c9037196f430b7ae020a3ec9679dfd577a6fb58f9de3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=5615385&sw=/sw-check-permissions-30a34.js HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 11:17:29 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:56:40 GMT
etag: W/"661e9fb8-8eb0"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
| ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/ | 172.67.179.157 | 200 OK | 16 kB |
URL: User Request GET HTTP/2 ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
IP: 172.67.179.157:443
Certificate: Issuer Google Trust Services LLC; Subject nairaintheget.xyz; Fingerprint 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6; Validity Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/ HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 11:17:28 GMT
content-type: text/html
x-amz-id-2: 8Y9R+tGpBwi4xleMwFKdC/LK4TzoF3v7zSEDnu9mXjgsMdvKzP+z9wkBYXj7y0jt23B0hywWeBM=
x-amz-request-id: XD18MR9EDD0EVE7R
last-modified: Sun, 11 Feb 2024 15:03:51 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJd8ZVHYOqD9Cto3bSGdxaFtUaoatM%2BsM1RhDz1FrPXg9%2FH3bToIRE%2FlHGLHbtTNM2drs3REbGNmVkUHd%2B7ZeXl%2BR%2F3gt9vw%2FwKUyayqqTkoJXwV6p4OoMtKZXFFS4aUe4d6J7g9fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87643fa03963b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| ng.nairaintheget.xyz/6/Wow_files/main.css | 172.67.179.157 | 200 OK | 95 kB |
URL: GET HTTP/3 ng.nairaintheget.xyz/6/Wow_files/main.css
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate: Issuer Google Trust Services LLC; Subject nairaintheget.xyz; Fingerprint 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6; Validity Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: ASCII text, with very long lines (349), with CRLF line terminators
Hash: 3c2e07f55de8da912e0818519f03c858 4d9eee9ad6c9435af403f1cc44abef75c5b5f56e bf605c8632208808c4e71ae3a6ae69996e6502478563e26495b5ec842cf5be65
GET /6/Wow_files/main.css HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:28 GMT
content-type: text/css
x-amz-id-2: 8XKIl5nmDTj256GzH3YfRBRwnbTl1AMg/HnfkEVvoTzmE1RMiHHwyk2r3/k2J5qy5OhmI0A2VIo=
x-amz-request-id: 17241CVXKHSBDDN3
last-modified: Sun, 11 Feb 2024 15:00:06 GMT
etag: W/"3c2e07f55de8da912e0818519f03c858"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Ftlxzb6wLXI9hgeBZbCZqjaranM0heAGRI6wWKwn0Y3vfYFMUdqt8Fv0MpFY4V%2BRpYNQhs8cOQ3lh33aamlsjHKOVpz5d7l0VDR%2FXrTi5Rt90%2BIa3DtZIzHJ0hPAgL25v1RPTzOosA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643fa34c86569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| ng.nairaintheget.xyz/sw-check-permissions-30a34.js?zoneId=5615385 | 172.67.179.157 | 200 OK | 566 B |
URL: GET HTTP/3 ng.nairaintheget.xyz/sw-check-permissions-30a34.js?zoneId=5615385
IP: 172.67.179.157:443
Requested by: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Certificate: Issuer Google Trust Services LLC; Subject nairaintheget.xyz; Fingerprint 49:C4:BA:2D:AA:45:F9:61:08:6C:A9:95:CE:A1:AD:5C:06:77:A9:B6; Validity Wed, 10 Apr 2024 13:14:35 GMT - Tue, 09 Jul 2024 13:14:34 GMT
File type: ASCII text, with very long lines (605), with no line terminators
Hash: a8559f98a2ec82062864672f0b6bae5b 52d941267b3a032c2d4a5f79b01fef2088db6235 9970594ee8e0ee73de1fc6876f5e3bd2a9921e7e937c0476c0137c658a8d3093
GET /sw-check-permissions-30a34.js?zoneId=5615385 HTTP/1.1
Host: ng.nairaintheget.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ng.nairaintheget.xyz/6/indexH.html?domain=www.trknationwide.xyz&carrier=&bemobdata=c=260d26a1-6db6-4636-b6bb-7d1a4c3aea38..l=77961f07-1fe2-4f35-ab01-a4cd7d0f2bce..a=0..b=0..r=www~BEMOB_DOT~trknationwide~BEMOB_DOT~xyz..ts=1713423509319/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 11:17:30 GMT
content-type: application/javascript
x-amz-id-2: sXxpaskqxfawicOsz5DVZ+mS70o637SAHcFRyaYbYQf2TaFBj+F9fFsH3NX2oQPoTnrEwmdszHo=
x-amz-request-id: 57CTGP2VXPARB68N
last-modified: Sun, 11 Feb 2024 15:02:16 GMT
etag: W/"8731d0e15415390028fc7632952fa672"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SY87IH69emW97ceaJD3o7%2BS5V6C8G8FuRCSghowHoeg2o7FQW7bcL8Lfal%2BKkWzqVtWmrL8t44na0H0DPWDD3ZtFt%2BUbPoncN8E%2FjWRZHCWx8V3vh%2FwStqhDj5wlon2%2F%2F9HRmdmcEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87643facee4a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400