| l24.im/Home/Main/assets/images/banklogos.png | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/banklogos.png
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: PNG image data, 429 x 32, 8-bit/color RGBA, non-interlaced
Hash: bd652944bc6ccda4690900baa6226ca9 eb3faf37fcecd7fb23e8270a298f56bfd0e3c14d d0ca4e684b6a94cdc68c6b622aa32ddefccf9f022a2b88cb0a38ce21e2d78e35
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/banklogos.png HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/png
content-length: 14196
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: "baaa9193ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1B93ys6%2B7IuH1KN1ky3eW9j5sjuX0X5e8l71%2FLoHw%2BB1s%2BJNmLSfNcxjshQirTQp6X4WG5gDKtETG0SGN9qUaIZpciJQu9Yy3nnPcSyr1Xgo%2BhWSPeoyrLI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bba856b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css | 104.17.25.14 | 200 OK | 17 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
IP: 104.17.25.14:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65317)
Hash: 8ef777107c4620d4ddd4f8c4bb14a36c 0ae47fa834fb55de7b50c79021aeabecfae50c9c c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
GET /ajax/libs/font-awesome/6.1.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/css; charset=utf-8
content-length: 17188
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62deef96-4324"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 508
expires: Wed, 16 Apr 2025 03:10:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0686W48rqvfjFkdF6lMzSnwM1PzEQBVH5Kn8IDMCw8SBMhJuJm3Aw9JMF6%2Bk7OMWpL0Gpsbcg6ESa5WCZrxRk4Lk7C13NV0%2FXJ%2FJjDKUBQ2Df8dGAGE6BW4HKKBj%2BtULKVKxki7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a360d3c8bdb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/images/loading-buffering.gif | 188.114.96.1 | 200 OK | 41 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/loading-buffering.gif
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: GIF image data, version 89a, 200 x 200
Hash: cac6f4f6ddbe92403ef75aab346d1f59 92b129fe5eae789c5bdf9c88e56e6574004ab1b8 2eff2ae61047456178738bb7f10017cd66509ef3a547d5e3666267c7f4943b66
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/loading-buffering.gif HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/gif
content-length: 40957
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: "96810a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVGWjd7gbXx0n47H1vgrL3mOQE1vYNrsLwPNdUSVSNk8D6esET7RUlEgXtcw%2FmCaKcqcCYiJZ9nRORrFmQiAo%2B0MYAKL0oQG9m1tPTj3TSZb0yYzDCSbJrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3aba156b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-7N67D0CRJL | 142.250.74.72 | 200 OK | 101 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-7N67D0CRJL
IP: 142.250.74.72:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 101 kB (101104 bytes)
Hash: 9391c46f9d4713d898894c3c6b664007 a4b71b9fd1e49719139fd2c403079f2b7b173d7b 127be9acb5a88e402012d2e274e4ad4d037395b60cf9c4ddb5ccd50e144c326f
GET /gtag/js?id=G-7N67D0CRJL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 03:10:10 GMT
expires: Fri, 26 Apr 2024 03:10:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css | 151.101.193.229 | 200 OK | 3.4 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
IP: 151.101.193.229:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (12795), with no line terminators
Hash: a2d42584292f64c5827e8b67b1b38726 1be9b79be02a1cfc5d96c4a5e0feb8f472babd95 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 03:10:10 GMT
age: 20746566
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3370
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js | 151.101.193.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js
IP: 151.101.193.229:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (31972)
Hash: 49a6b4d019a934bcf83f0c397eba82d8 6181412e73966696d08e1e5b1243a572d0f22ba6 cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 03:10:10 GMT
age: 22648478
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23149
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js | 142.250.74.170 | 200 OK | 34 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP: 142.250.74.170:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (32038)
Hash: f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 04:18:29 GMT
expires: Sat, 19 Apr 2025 04:18:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 600701
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| collect.segmage.dev/src/0745484d-e935-41b7-aa35-08db89e90583.js?v=6382554132080622165 | 188.114.96.1 | 404 Not Found | 0 B |
URL: GET HTTP/2 collect.segmage.dev/src/0745484d-e935-41b7-aa35-08db89e90583.js?v=6382554132080622165
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: segmage.dev
Certificate fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC
Certificate validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /src/0745484d-e935-41b7-aa35-08db89e90583.js?v=6382554132080622165 HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 26 Apr 2024 03:10:10 GMT
content-length: 0
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEIjAaYLvoXzRj99VMd1%2Bz3DJKRho7fDmOc6GDIpMlCbgdjWuZY4EuW%2BOwAKJcWJUXdJKBfVWuyZu7OjkloPYNgusGQb3y2P2UwX9VKuPs5Odrm0DAxsP%2Fxgj4GsHMHmIUa8K7Ga"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a360d43aaa56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/images/facebook.svg | 188.114.96.1 | 200 OK | 1.6 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/facebook.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: ee7fdf6fb5991508411074973990791d 658e7e062c1008262ada8f6c5b2f373e9b5cec3a 6b3d272a2f70a01b602d8fe997f81a54b5ffffa9dfcaff5c9e6fe6c026c3b7a9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/facebook.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"f0eb9893ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vp05dpuX2gUu8qQ%2FwUecG05i%2B7A6nbO9burjMTGOwqI%2B5TrAWEq5pCHikahnIVQHuXn0XTR7BUVAqa30M62Wt6%2BFguduJAhUo%2BKlVficyKtHtpqAmzcViY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bba656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-MF73SG9J | 142.250.74.72 | 200 OK | 88 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-MF73SG9J
IP: 142.250.74.72:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3041)
Hash: 3be81af508bb464944a6ba7aa1e9e400 c67fe3cacb0a6587ed3cf0416d77cb88d1857a4a 83978f1bd63d0b81966edb188fa20cf3fc95ded8f1598d70e83375742d499fef
GET /gtm.js?id=GTM-MF73SG9J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 03:10:10 GMT
expires: Fri, 26 Apr 2024 03:10:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| l24.im/Home/Main/assets/css/font.css | 188.114.96.1 | 200 OK | 761 B |
URL: GET HTTP/3 l24.im/Home/Main/assets/css/font.css
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with very long lines (653), with no line terminators
Hash: eac2867fde408de726bdcf8051f66b9f f369a2d186495ae2911ed878c4eb475bd848c720 e5e975a7a597a22af0528c541a81cf3c9a2a4ebdde459edd6fc351334f4d12cb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/css/font.css HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=947
etag: W/"4bc18093ea3d81:0"
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dbLfQWriAWJJi6eLVa8ThCNp2EXDOOaSC%2B6ctafeMM0%2F%2BK%2Bnfeuv6yEZoGYm1c4zi3HvRd8aB2%2FR0E0d1CFk7X3BsLX9GSDiv6hkpBL1%2FMsYwUgR%2BDQrjdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d39b9856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/en/report-abuse.html | 188.114.96.1 | 200 OK | 13 kB |
URL: User Request GET HTTP/2 l24.im/Home/Main/en/report-abuse.html
IP: 188.114.96.1:443
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (376), with CRLF, LF line terminators
Hash: a7361f631b9bf067d6836a61a7579fb0 569ea17367cfe2e867d38f8f81d0060638f170d4 bf15228862280d4730277bbf5d31e74d15b989293c0534e005f56fd3e6586845
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/en/report-abuse.html HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 00:21:38 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iElX9PIGK8l9L%2FTVpX%2B3l0mDkspWzAhVT3Bdqn5BcP04SQpVh%2BdRImJDIj2tYGD5FYY1XaI%2BfaVsanD8CqjVxteqZeR0WxJsOdZTTOLQvjWBFd6LmhPVb0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d0edb156ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/images/twitter.svg | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/twitter.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 71c636b942fa3cbee418a65aa476cb91 5f7b44ae7c4f5df6bed53a64f8b7d02e7842533f 731f6f8e0d18bfdab2c690939150426c469c4e7621b8679e769e32ead3db71c8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/twitter.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:26 GMT
etag: W/"e56021a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ra%2Bhc%2BD1KALRZmsdJq8Noestmqcmrz9WpIoqK%2BzKSHmDkJVocR%2F2In4JuuZLFyi1B52uVMOs2gL2Vp8xIkWfFNtoaqzJNLnrsLTt9C1zoE0rpWVpG1rWYxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bba756b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
IP: 216.58.207.227:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 19156, version 1.0
Hash: 0ceb759015a6df090ad355231fdb39f1 b947749baab5bfa0bee35d31e5a5050d4beefe9b db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
GET /s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:30:46 GMT
expires: Fri, 25 Apr 2025 02:30:46 GMT
cache-control: public, max-age=31536000
age: 88765
last-modified: Tue, 02 May 2023 16:04:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/js/form.js?v=1.0.4 | 188.114.96.1 | 200 OK | 19 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/form.js?v=1.0.4
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (1321)
Hash: 7e0647db52d6a3af2d8327b460a0a80a f9a41e8c9953463c3b1f1f5f906ba49ac7057f99 ce4375a84219a37a1adc48aa09b1571260b5e48854001319dea63924050028a8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/form.js?v=1.0.4 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=10736
etag: W/"de347ac894c9d91:0"
last-modified: Tue, 08 Aug 2023 01:08:03 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYCXGnezBQYN7WvqTY92tcYkPSdi4p4mPbXF2i8ZkQJGxK%2FEsfor5LFtPGl0Ng4A3j4Jmo4TOGb6wSTOFowKvKII%2FtdyWThSnIkZKROhEW5yBjUKnDrpu7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bbaa56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600;700&family=Playfair+Display&display=swap | 142.250.74.106 | 200 OK | 21 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600;700&family=Playfair+Display&display=swap
IP: 142.250.74.106:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: gzip compressed data, max compression
Hash: 37744d5085b4b472f9272fd7a8b4c508 ea208eca8af98d7ddabfa6b6f575679ce07a189b 033a8fea9cff56f36ceb42be10e6da94c739a8afd9b59defd062f5ef48cf8afa
GET /css2?family=IBM+Plex+Sans:wght@300;400;500;600;700&family=Playfair+Display&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 03:10:10 GMT
date: Fri, 26 Apr 2024 03:10:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/images/menuicon1.svg | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/menuicon1.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate issuer: Google Trust Services LLC
Certificate subject: l24.im
Certificate fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: c3780f989f484de2b8f0d3c1dbed8908 9e63c8651885230c9fd956e8826050cc394e8967 63b3c4e333558a101fd29cb6ecce29f9b3dee5de4765d77aec0367fd8eb8047b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/menuicon1.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"2eb712a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PmYMRU7ACHNX54%2B8Nkagjdk1P0uvJHVxWxtp9sTGZ2ZiaUGuXn3NlmtNquzjWHkH2v06tTk0RJQwuMXrIYGGRQuK2R9Ag8wcnviNEJQpD%2Bm2L3KYESAceY8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3ab9e56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
IP: 216.58.207.227:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 19440, version 1.0
Hash: f9b6356e32a9b93ae0f1c23aa537f2a1 0cc73519d7b7fb4e4268727490205df48bd570f6 fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678
GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 17:46:32 GMT
expires: Tue, 22 Apr 2025 17:46:32 GMT
cache-control: public, max-age=31536000
age: 293019
last-modified: Tue, 02 May 2023 16:08:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/css/img/flags.png | 188.114.96.1 | 200 OK | 20 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/css/img/flags.png
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: l24.im
Certificate Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: PNG image data, 5630 x 15, 8-bit colormap, non-interlaced
Hash: ca3277bf7783c9c969898ab5edfdfda4 b959a96337f43ac29cefe1be6b881cadee2101a2 da43d15740f2672964c941d07f8313d6d560db441ec04261f70c4241c49cc4e6
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /Home/Main/assets/css/img/flags.png HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/assets/css/intlTelInput.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: image/png
content-length: 19470
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: "24a78293ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FtwL8Co4sJ%2BgsizKS%2BREiQs9yYJskmy4AtaIb2ZvqhRGO%2F10mz6tN%2Be4O2fv7A985kGi3skJRtHB1YGb1SjOm%2FxGNFEdiGRMQAs3JC9Wn0Eb8kMeCRYByY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d8cd4d56b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css | 104.17.25.14 | 200 OK | 17 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
IP: 104.17.25.14:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65317)
Hash: 8ef777107c4620d4ddd4f8c4bb14a36c 0ae47fa834fb55de7b50c79021aeabecfae50c9c c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
GET /ajax/libs/font-awesome/6.1.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/css; charset=utf-8
content-length: 17188
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62deef96-4324"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 509
expires: Wed, 16 Apr 2025 03:10:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyTDsTIltRT8LaBFca9%2F8nCqaxAhBDHZk9do2dDPm%2BeO7UFCW0934trvOwEV10%2FQA0JAsXhf55JN1qE82bg9oBy98KcWML4KlYAo8hQGGglwTV4HYQRtnFBhuodnPtHrHsCfmenI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a360d92a5eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css | 151.101.193.229 | 200 OK | 3.4 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
IP: 151.101.193.229:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (12795), with no line terminators
Hash: a2d42584292f64c5827e8b67b1b38726 1be9b79be02a1cfc5d96c4a5e0feb8f472babd95 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 3370
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 03:10:11 GMT
age: 20746567
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js | 151.101.193.229 | 200 OK | 6.4 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js
IP: 151.101.193.229:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: ASCII text, with very long lines (23002)
Hash: 00debcf6cf0789a19cee2278011afcd4 8017f8b1869077db728573f1ca4684a00af69462 faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6
GET /particles.js/2.0.0/particles.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 6363
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"5b44-gBf4sYaQd9tyhXPxykaEoAr2lGI"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 03:10:11 GMT
age: 1744001
x-served-by: cache-fra-eddf8230124-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| l24.im/Home/Main/assets/images/l24logo.svg | 188.114.96.1 | 200 OK | 26 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/l24logo.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: l24.im
Certificate Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 225ffd833928e41b2c13172a1ffa7309 11097059d97e91f86bf4121b3d72c3c458e17055 105651637868eaeeb98db42c03082b8c2768c942ab30e8231967cfb9b2d1fcae
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /Home/Main/assets/images/l24logo.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"62cf893ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HggL3uM6smlxfDzJZT3op36USGF2V4Omm3S0mV0i%2BvrsEqjb2NpB%2F7gQUC4ps3Q8RxtVwwS3JGIOKNJD278DoZ47jLOaPyJ04ilvGZgOuVQ0NmDZckyvr4s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3ab9b56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js | 151.101.193.229 | 200 OK | 23 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js
IP: 151.101.193.229:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Certificate Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (31972)
Hash: 49a6b4d019a934bcf83f0c397eba82d8 6181412e73966696d08e1e5b1243a572d0f22ba6 cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 23149
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.5.7
x-jsd-version-type: version
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 03:10:11 GMT
age: 22648478
x-served-by: cache-fra-etou8220109-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-MF73SG9J | 142.250.74.72 | 200 OK | 87 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-MF73SG9J
IP: 142.250.74.72:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3041)
Hash: 0b57bd2944305a1e381e7b2ab5980b40 1121d4e42c006a76614d8d6c7c478842af5d4ab5 e24caa39b828d1481de8bbaf63150840ce11bedf86aa59f5d067915cfbe45313
GET /gtm.js?id=GTM-MF73SG9J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 03:10:11 GMT
expires: Fri, 26 Apr 2024 03:10:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7N67D0CRJL&cid=1644663986.1714101011&gtm=45je44o0v876472101z89137687946za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1486215500 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7N67D0CRJL&cid=1644663986.1714101011&gtm=45je44o0v876472101z89137687946za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1486215500
IP: 142.250.74.163:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google.no
Certificate Fingerprint: 4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D
Certificate Validity: Mon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7N67D0CRJL&cid=1644663986.1714101011&gtm=45je44o0v876472101z89137687946za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1486215500 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 03:10:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| app.l24.im/styles.2df49dd6389696495d00.css | 188.114.96.1 | 200 OK | 421 kB |
URL: GET HTTP/3 app.l24.im/styles.2df49dd6389696495d00.css
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate Issuer: Google Trust Services LLC
Certificate Subject: l24.im
Certificate Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 421 kB (420910 bytes)
Hash: dba84f0276c594624d3d5c77fc978db5 a3fef693e646a2a62173cac3cdd123752496e821 4ca871830c95ec135ffd8dfbbe055590d500424b15b5b7225ef982962cc50d2b
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /styles.2df49dd6389696495d00.css HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2677481
etag: W/"1d9c6e4b2f73be9"
last-modified: Fri, 04 Aug 2023 15:02:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ENzogZbilgsx2da9IYRMPyJkpiF7CVrI7GEyIOiBV59moHNv95tfuHp%2BwbSAdk4nh68IcbUmaOigRknxmeNhox0hhEsMy6GkeOam3znfrjJLn3sDmdQda1WR0aHz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d93dec56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/images/menuicon3.svg | 188.114.96.1 | 200 OK | 46 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/menuicon3.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: l24.im
Certificate Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 2a3af5b285a3a7805140508bf45f748b b002087adf268a97853f8ab811121180e79528fc da4bfa55fc84463a44296293f88bb28e4b907c5d387a69c292c83eb722609533
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /Home/Main/assets/images/menuicon3.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"fcff12a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6scva%2BiZtkAPaT%2F8X99mTjx1B%2BITxzPIVTpDd6B7tqHhQ%2BrMMmHjWJqMt%2BgHYlWfNIzCMTlEGMXTV504H9aJZZXeVStvNcOAc8eTBZLalpR3ALwvzIuMCvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3aba056b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/css/intlTelInput.css | 188.114.96.1 | 200 OK | 70 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/css/intlTelInput.css
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: l24.im
Certificate Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63
Certificate Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with very long lines (21140), with no line terminators
Hash: cb5b1388162900660d327e2049fb4b94 379bf9699a1a5ed27b5a304726fe57f36dfb07ee dc8f4d6cd6a649aa1fe10aac766c959d35916597e811f166da26e41ff71c04b9
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /Home/Main/assets/css/intlTelInput.css HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=21155
etag: W/"dca28493ea3d81:0"
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYdcBd%2BMmTNNz0WL%2B0UwcQjZ8gATRDSi2X6HQfCdCE4rGf6LM0bSpd1Dp2anx0QJBQC5IyCxkFTyCAOTAhrWzAmmP4c8bDd8l3Qza1repcc3QcL1x%2B%2BZrTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d39b9956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101z89137687946za200&_p=1714101010828&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714101011&sct=1&seg=0&dl=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&dt=Report%20Abuse%20-%20Link%2024&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1421 | 216.239.32.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101z89137687946za200&_p=1714101010828&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714101011&sct=1&seg=0&dl=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&dt=Report%20Abuse%20-%20Link%2024&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1421
IP: 216.239.32.36:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101z89137687946za200&_p=1714101010828&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714101011&sct=1&seg=0&dl=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&dt=Report%20Abuse%20-%20Link%2024&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1421 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://l24.im
date: Fri, 26 Apr 2024 03:10:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7N67D0CRJL&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 101 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-7N67D0CRJL&l=dataLayer&cx=c
IP: 142.250.74.72:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945)
Size: 101 kB (100609 bytes)
Hash: d6aac0da8e69a9d362c439f933eef87b 6e5be250ff47bee1dcd6bf3675428a80eea580e1 d1ceb7633997ca21ae9b8490083c5f8063535e0e2f920f3dc6f2fb06116e1e89
GET /gtag/js?id=G-7N67D0CRJL&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 03:10:13 GMT
expires: Fri, 26 Apr 2024 03:10:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| collect.segmage.dev/js/set?sr=1280x1024&sa=1280x1024&sc=24-bit&ul=en-US&cs=UTF-8&title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&refUrl= | 188.114.96.1 | 200 OK | 0 B |
URL: GET HTTP/3 collect.segmage.dev/js/set?sr=1280x1024&sa=1280x1024&sc=24-bit&ul=en-US&cs=UTF-8&title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&refUrl=
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: segmage.dev
Certificate Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC
Certificate Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /js/set?sr=1280x1024&sa=1280x1024&sc=24-bit&ul=en-US&cs=UTF-8&title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&refUrl= HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,d,ga,sg,source,t,tz,u
Referer: https://l24.im/
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 03:10:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,d,ga,sg,source,t,tz,u
access-control-allow-methods: POST,GET
access-control-allow-origin: https://l24.im
access-control-max-age: 604800
vary: Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gGx%2F3%2BXC1YNwTK3zSk1LIFTBJOolFAxdIe64ASZoP6xa%2F5isMmACvxa%2FnzZaYTWuxUDoZjKrny01LvoPhlJpMpzLZbU4PDx36iL7BRRJ9hCXWwwu46ibiM5C4incKoK1I46CYt2Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360e7df0c56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| collect.segmage.dev/js/set?sr=1280x1024&sa=1280x1024&sc=24-bit&ul=en-US&cs=UTF-8&title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&refUrl= | 188.114.96.1 | 200 OK | 36 B |
URL: GET HTTP/3 collect.segmage.dev/js/set?sr=1280x1024&sa=1280x1024&sc=24-bit&ul=en-US&cs=UTF-8&title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&refUrl=
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: segmage.dev
Certificate Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC
Certificate Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File type: ASCII text, with no line terminators
Hash: 93a0181e63ffc4ebd44c46f6e6d437be 224ebed0488e54cc4420f3fe988a32a46aed0e16 b607054409341623061097de4569b3183df8ae6eea5ce064b773784c514bac55
GET /js/set?sr=1280x1024&sa=1280x1024&sc=24-bit&ul=en-US&cs=UTF-8&title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html&refUrl= HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
source: 0745484d-e935-41b7-aa35-08db89e90583
sg: adbd3472-ca28-4709-8b4d-61fc2a0b26b9
u: null
tz: UTC
ga: GA1.1.1644663986.1714101011
t: Fri Apr 26 2024 03:10:13 GMT+0000 (GMT)
d: 2950329843
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: text/plain; charset=utf-8
content-length: 36
access-control-allow-credentials: true
access-control-allow-origin: https://l24.im
vary: Origin, Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2F%2FpJCCL7SAzNAVEAiEHRQGnqse9KfUspnAeovt6Z6I29oOIzDFohhp5nbEdv6yQ6JH%2Bhh%2FEcUv4YXWNWuy5hO2Za05Rw%2FZZBEnwxN6XxAEEb0clTrBtipO2%2B3uvZ0GtElfiz5n2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360e8ef5556c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/cdn-cgi/rum? | 188.114.96.1 | 204 No Content | 0 B |
IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1027
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101014.57.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 03:10:14 GMT
access-control-allow-origin: https://app.l24.im
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a360ec282856b1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| l24.im/cdn-cgi/rum? | 188.114.96.1 | 204 No Content | 0 B |
IP188.114.96.1:443
Requested byhttps://l24.im/Home/Main/en/report-abuse.html CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1077
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101014.57.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 03:10:14 GMT
access-control-allow-origin: https://l24.im
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a360ec383256b1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html IP188.114.96.1:443
Requested byhttps://l24.im/Home/Main/en/report-abuse.html CertificateIssuerGoogle Trust Services LLC Subjectsegmage.dev Fingerprint6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC ValiditySun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,e,sg,source,u
Referer: https://l24.im/
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 03:10:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,e,sg,source,u
access-control-allow-methods: POST,GET
access-control-allow-origin: https://l24.im
access-control-max-age: 604800
vary: Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EDCNYEFRpVMN7l%2Fh17JxIutNl2dt7%2BsGmTH1YHiuKYN45wTQYyI3ST82hnWjlTOD8Df%2F2N%2FMZpzcUzeVhSw8cSr0T4hhEULdiffpguECE54PjoOyMHTFHzl%2F%2BsUiZpBOXpVSrlmG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360ed186856c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.segmage.dev/template.html | 188.114.96.1 | 200 OK | 55 kB |
URL GET HTTP/3cdn.segmage.dev/template.html IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectsegmage.dev Fingerprint6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC ValiditySun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File typeHTML document, ASCII text Hash81727346cbe5d580c7bd4b64ca3bbd0f 7bf5bfa802ee5d2d94ab8889f525018ec4392a12 da685f9f6a3eb673d577be18066a003000d56335c4629fddd29e40e6a87a6b1e
GET /template.html HTTP/1.1
Host: cdn.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.l24.im/
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:13 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-origin: https://app.l24.im
last-modified: Thu, 04 Apr 2024 10:55:30 GMT
vary: Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeIE2Iilx2s2jX%2FOVbMpb%2B6G5S7V%2FyDToWcR%2BI53H%2BGyzuMwfjY83C7zTUjSUd4ztjB387b992Eec0UiA1QcJFEXGNKNyX7bH05bMoSgxEgE2Y5J2K63fP8DMUCDXs%2F9O0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360e85f3656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html | 188.114.96.1 | 200 OK | 36 B |
URL GET HTTP/3collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html IP188.114.96.1:443
Requested byhttps://l24.im/Home/Main/en/report-abuse.html CertificateIssuerGoogle Trust Services LLC Subjectsegmage.dev Fingerprint6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC ValiditySun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File typeASCII text, with no line terminators Hash73157bcea1b435e361e7b573876154bf 81f55a5044aab807ce3620f4aef443c9fa7db2d4 ab2e1b843e1bb2ecce1ce9ab45d0c181268bcb2d9bddad6cdb8f8711f86e0e99
GET /js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Report+Abuse+-+Link+24&url=https%3A%2F%2Fl24.im%2FHome%2FMain%2Fen%2Freport-abuse.html HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
source: 0745484d-e935-41b7-aa35-08db89e90583
sg: adbd3472-ca28-4709-8b4d-61fc2a0b26b9
u: null
e: PAGE_VIEW
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: text/plain; charset=utf-8
content-length: 36
access-control-allow-credentials: true
access-control-allow-origin: https://l24.im
vary: Origin, Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeM%2F6ZGwVnuQPVg6KOdBooJxU7zBoDTzmVvB%2B1Eg1TjaODb5PwPvcnwrabqLur%2BX4yeUPe3saMtfB%2B2GdniVitPyP0bRh1qzMyDxML%2FQK9itX6LbRAJqrRh2YgbeDK3NGm6ptXP4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360edb88c56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/i18n/tr.json | 188.114.96.1 | 200 OK | 14 kB |
URL GET HTTP/3app.l24.im/assets/i18n/tr.json IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hashf31a2131bac35c50dbb492ef871749d0 c789e1a23a875b63757952a5fcfb9e592eba7a85 ababdc7a2a38093d5849b71446bd2abace9131ba5d651bdec41e763fb790cdd3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/i18n/tr.json HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101013.58.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/json
last-modified: Thu, 22 Jun 2023 08:38:56 GMT
etag: W/"1d9a4e4fb501b3d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vElUPhYm2tx4t7FMDdXrU0o1mmjK%2FyoQ6oV9Y64YkaOl2xVq7Q7JXZ0bvIXDC%2B2eNWl%2FnayTC0RccSgUak89%2BgRvpYKu9PLSbhAPQSNadwMqbraMVbSkz7waRE%2F7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360eb5f2d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101z89137687946za200&_p=1714101011461&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714101011&sct=1&seg=1&dl=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser&dr=https%3A%2F%2Fl24.im%2F&dt=Link%2024&en=page_view&tfd=3254 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101z89137687946za200&_p=1714101011461&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714101011&sct=1&seg=1&dl=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser&dr=https%3A%2F%2Fl24.im%2F&dt=Link%2024&en=page_view&tfd=3254 IP216.239.32.36:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101z89137687946za200&_p=1714101011461&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714101011&sct=1&seg=1&dl=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser&dr=https%3A%2F%2Fl24.im%2F&dt=Link%2024&en=page_view&tfd=3254 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://app.l24.im
date: Fri, 26 Apr 2024 03:10:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| app.l24.im/assets/i18n/en.json | 188.114.96.1 | 200 OK | 19 kB |
URL GET HTTP/3app.l24.im/assets/i18n/en.json IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hash44c6bf5d8204cdd32beb1b9ce5d3c03b f6bbac6f477fff3a84c6a01bcfc795e9fa623789 9c85212731987f72f2dd4c2f9cf9325d8140217ae4c1a904c67147bf722ea2bb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/i18n/en.json HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101013.58.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/json
last-modified: Thu, 22 Jun 2023 08:38:56 GMT
etag: W/"1d9a4e4fb50ece2"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5QunpWRbV6LOqWFru1NZC9MzYG2%2BIzCJ5YHFVK%2BcabzvTXRNLpye4ZsPVR5iAa70xiK%2Bdgf9eK459s4x0RsTELnQXps7s0hWVY5g9oWBwSH9FxZ5RnAgxFkfbyb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360eb6f3f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101za200&_p=1714101011461&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714101011&sct=1&seg=1&dl=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser&dr=https%3A%2F%2Fl24.im%2F&dt=Link%2024&en=scroll&epn.percent_scrolled=90&tfd=8255 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101za200&_p=1714101011461&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714101011&sct=1&seg=1&dl=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser&dr=https%3A%2F%2Fl24.im%2F&dt=Link%2024&en=scroll&epn.percent_scrolled=90&tfd=8255 IP216.239.32.36:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7N67D0CRJL&gtm=45je44o0v876472101za200&_p=1714101011461&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1644663986.1714101011&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714101011&sct=1&seg=1&dl=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser&dr=https%3A%2F%2Fl24.im%2F&dt=Link%2024&en=scroll&epn.percent_scrolled=90&tfd=8255 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://app.l24.im
date: Fri, 26 Apr 2024 03:10:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.segmage.dev/segmage.min.css | 188.114.96.1 | 200 OK | 14 kB |
URL GET HTTP/3cdn.segmage.dev/segmage.min.css IP188.114.96.1:443
Requested byhttps://l24.im/Home/Main/en/report-abuse.html CertificateIssuerGoogle Trust Services LLC Subjectsegmage.dev Fingerprint6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC ValiditySun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File typeASCII text, with very long lines (7910), with no line terminators Hash6d1abfc8fa0ad40a3cb1d22147e6135e 8a4e225f31539953ec67488c9038a8bf1d1c8d4f 1d35e409281d2ada3ca5fd915d447340a9e87e19c1c6f69091204b1e4ed8cf2e
GET /segmage.min.css HTTP/1.1
Host: cdn.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: text/css
etag: W/"1da867e9bdfe3e6"
last-modified: Thu, 04 Apr 2024 10:55:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3281
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxW39DxuBY1azDgjiWnZJEXZKfEFv31Ue%2BJ%2BiOzim8YoR7VByTa%2Bk5%2BO7RZ%2Bpn69V9RcPvkdwmpaWXDgM4J1gB9EWj3M6V567KXNZVN87TwylmPUT0HsSwrCeGAp3Gs5u18%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a360ec482c56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/6-es2015.ebf475ad843a9bca125d.js | 188.114.96.1 | 200 OK | 634 B |
URL GET HTTP/3app.l24.im/6-es2015.ebf475ad843a9bca125d.js IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File typeJavaScript source, ASCII text, with very long lines (1630), with no line terminators Hash947f8cfb6e3dfc384a5bcc2e8a8a69c6 8020cfa5764e7d632b07deae849b0984d86f9ccd 6ff5bb7b9a746fb72cc1fada34fb9554ea08c7ce98a59d6f05667a2797e6ac0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /6-es2015.ebf475ad843a9bca125d.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101013.58.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d9a5d027950d5e"
last-modified: Fri, 23 Jun 2023 12:42:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3281
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FRBwd57kIknPZA4AkbFOM9ghYpgUwxmYQTA2rEn%2FSwLzUFLHT1x88cccivMGS5Y1OM15CGK2lEDhExmeJOTDffyTzRkzkJBknwtfqGYqX0sHCCU4UXoPNaeSYyb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360eb8f4c56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/cdn-cgi/rum? | 188.114.96.1 | 204 No Content | 0 B |
IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /cdn-cgi/rum? HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 430
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 03:10:37 GMT
access-control-allow-origin: https://app.l24.im
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a3617c0bb656b1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| app.l24.im/runtime-es2015.a915d801e419b0c43a7e.js | 188.114.96.1 | 200 OK | 2.3 kB |
URL GET HTTP/3app.l24.im/runtime-es2015.a915d801e419b0c43a7e.js IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File typeJavaScript source, ASCII text, with very long lines (2363), with no line terminators Hash52f7a2e234f703e062f6cb1dba1b5560 c89ba81251c808c0e0e5c79a3a0e6cb6b1f8ab4a 5ceb0f1374b792833b07070b065aca2aaa23473b32b8f1dfeadb20f5b60ba886
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /runtime-es2015.a915d801e419b0c43a7e.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d9a5d024018d0a"
last-modified: Fri, 23 Jun 2023 12:42:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jAqPCBD%2FDXjidqMHlbc7Mhxd6JWFo2wlsx2GtE%2BAmIRelKb%2BLvm%2Fv1UQ%2Bo4gdQvqj0cS4XVkqTgCQHISqBertHOX7iW4qvZO2AT%2Bk%2BWFxiYbzOSuxUZaipz86phC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d95e1c56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2 IP216.58.207.227:443
Requested byhttps://l24.im/Home/Main/en/report-abuse.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15724, version 1.0 Hash0e2c71ca88ef614ed360af7147277927 9eee92090322dc7f14422e5babc7a4239e334400 9a4ad5a9fd17ad03f878c0f1b126f460c4f409f29c633d5fc7c20276a7060914
GET /s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhd_eFb5N.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:45:28 GMT
expires: Fri, 25 Apr 2025 02:45:28 GMT
cache-control: public, max-age=31536000
age: 87883
last-modified: Tue, 02 May 2023 16:04:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| app.l24.im/main-es2015.fe4776dc21aed168eff8.js | 188.114.96.1 | 200 OK | 6.2 MB |
URL GET HTTP/3app.l24.im/main-es2015.fe4776dc21aed168eff8.js IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Size6.2 MB (6211059 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /main-es2015.fe4776dc21aed168eff8.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6211068
etag: W/"1d9c6e4e39ed3fc"
last-modified: Fri, 04 Aug 2023 15:03:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HqDmWJJgve%2FdFmSU9W1wxJiy%2F6vHbxSn46hf6QJeEUwrPwfK9tpKG12G2BZaxfX5UamglNu1gok6hazfbNTmzOr9ztGhCf8686V70Yw8LLswqJn%2FO9W24WS96IkC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d95e2f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/css/light.css | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET HTTP/3app.l24.im/assets/css/light.css IP188.114.96.1:443
Requested byhttps://app.l24.im/GetCurrentUser CertificateIssuerGoogle Trust Services LLC Subjectl24.im FingerprintA8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 ValidityMon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File typeASCII text, with very long lines (1309), with no line terminators Hash8a156f9c718c47fa08a1bbfa800c0365 1babac92eebc60b0a7d572b9e4c2c69e3d6044bf c82221f3e64064693cbf4e36aa4e577ff3b68f153c2897f85e5efbc862bf63e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/light.css HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101013.58.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1657
etag: W/"1d9a4e4fb509679"
last-modified: Thu, 22 Jun 2023 08:38:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHp3Qtlb0a1aEMs94XOASavHg2SNtAP3SRl826pVEHT2ZWUybYB%2FwTcXmiIz%2BHSDUw4qYPWpBh0QGwiPaA9r32pbcs%2FPPLOk5upfC9WIuWk9WMYCeIrL5P0e9YiO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360eb6f3a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/l24-integration.js?v=1.0.4 | 188.114.96.1 | 200 OK | 8.6 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/l24-integration.js?v=1.0.4
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (9011), with no line terminators
Hash: ec60efaee3a38a460446cd1fb5ae3286 7ae9c0e67a95c3e6e20c044059d795df179de370 d13fd48bd3b8ef708740e01c85138cfbec3fa9fa21a91e43f270dd3df27af739
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/l24-integration.js?v=1.0.4 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=13131
etag: W/"61ddeb6be9c6d91:0"
last-modified: Fri, 04 Aug 2023 15:36:22 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JehVUKvi9TS%2BqFnohpu44f36k7IWrISz8gJJnw%2FJd2GRuztvrU45kxeCY4BvaxWPVVhoDwtJ9PNAGN%2Fep8LIZcQkrtSOnf0fIGmkXiv1O7z3uDnXbwYMlNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bbae56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/js/jquery.min.js | 188.114.96.1 | 200 OK | 183 kB |
URL: GET HTTP/3 app.l24.im/assets/js/jquery.min.js
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, ASCII text, with very long lines (32040), with CRLF line terminators
Size: 183 kB (182946 bytes)
Hash: 48a72d06775ba5af55ee45f50532f0d4 c98a5353f8baa42e6407e75bca3684bfcfd4cc45 60358bb82642f13a2a9c00b4f2080fe03ebd5652ebf468685aa5aa28a7857afe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/jquery.min.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 07:46:28 GMT
etag: W/"1d89755d34768a2"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZqEDVd5WH3iPFw3lqD4JnIYl84s%2Few1Or8yAn7K6MZxDGn13v1K1QAUK6r1Uwme5UG9wUsxYE2kjDyGYZ3bsYYmcONT74kYVKubgrmzqzfFfvfYLP3XZAMVOJ7c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d94dee56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/images/l24object22.svg | 188.114.96.1 | 200 OK | 1.5 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/l24object22.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 59daaf381a6728fdb02803f7d9cbd2b0 8c70813e288cbe8effb267739714d63cb42bac33 0a027173961d9c41b45e105db9d438311c9519635bdd51d0ecfc782c73c19e88
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/l24object22.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"c7462a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSdRwYr1KnOxdsRHw18HHzl45Q%2FIk9b1zuS32M8u1sYvJ81HZJb0Eas8Keb9Xd8Au2uqL1%2F13yQCFvaAk4C2QUi8yEnuJ704avlRdeUmb4vumHHyQD71gvQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3aba256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/images/l24object5.svg | 188.114.96.1 | 200 OK | 4.5 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/l24object5.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 5b37fc8ee71f7199e9ef9cc1da9ddd71 345788f0e3fea0b108f0a8c2753abc9762be0a12 f1aefa9a5c5863c56e128dab4d2d7b222ee551b5dd9eb5bf51756b2114b5aa89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/l24object5.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"37514a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZTag%2BD3CLJnmmgmBnV0HWlMryWbAz0oJK9TZzbG1yLnS8FZCFLcvaGGFUE9yuUsL5rZbxKxatj6BJV0vAicK6V0JYVtk4tGK1GYSmmqdAkGNObSqFnRuh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bba956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/jquery.validationEngine-tr.js | 188.114.96.1 | 200 OK | 5.4 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/jquery.validationEngine-tr.js
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: Unicode text, UTF-8 text, with very long lines (5745), with no line terminators
Hash: 12f85291571777db249823cc55c890ef 0c60cbc9abdf1cb78dced6a51e36226ac7ffd819 094bc0f14aad11c3bfe709d15da09624ac60fe01330c133b65a2c64fa254972e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/jquery.validationEngine-tr.js HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5644
etag: W/"199e2aa3ea3d81:0"
last-modified: Fri, 29 Jul 2022 11:26:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w75KOlFKSJ1zQJtahFtyF3PH7RW8eOJ%2F02joVHEJZQ6XsySlEmZcXm4vmEaVZrdlyVg3ZZuWl8G%2BXDsQMMK0rLwJyq13oVn%2Bh52AJnwYFXlXlVQq%2BFY%2BXv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bbac56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
IP: 216.58.207.227:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20064, version 1.0
Hash: 767677e475131fa7d3f37880976bee39 386db54484cff1dfee2cbc4441ad790fe9829a6b 5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:28:16 GMT
expires: Fri, 25 Apr 2025 17:28:16 GMT
cache-control: public, max-age=31536000
age: 34915
last-modified: Tue, 02 May 2023 15:58:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| app.l24.im/scripts.2e43156fa3f3d689819e.js | 188.114.96.1 | 200 OK | 161 kB |
URL: GET HTTP/3 app.l24.im/scripts.2e43156fa3f3d689819e.js
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Size: 161 kB (160893 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /scripts.2e43156fa3f3d689819e.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d9c6e4b2dd957d"
last-modified: Fri, 04 Aug 2023 15:02:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5TjsioQFSXxzaVmb0NlMqZWWeG%2B548Mi59HBWyaDFmNd5P8Z1CcatayXwTX6i88OZ%2FYwWF0JCzdV5VhLoadvYHLdVAXZQXNHQWHKcU7oZEB2HqNnn6gjQNnjvw8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d95e2e56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/utils.js | 188.114.96.1 | 200 OK | 220 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/utils.js
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, ASCII text, with very long lines (63133)
Size: 220 kB (220450 bytes)
Hash: 66279dba37947e1c3209f46b0052fa4d 525ba87022d9a9aad1b3e8a88e6f20204930d644 b92988bcc2243b41459ded302721b17a5155603a7cef0f46ba85ba836b366002
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/utils.js HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101014.57.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=223137
etag: W/"e84231a3ea3d81:0"
last-modified: Fri, 29 Jul 2022 11:26:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: REVALIDATED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2Be8fmgI4WePThR0Rw%2FOETj3n3NaHQ6RfXwvT8at9sHlWVsUTKTwbjss2ECLxsbIgfCWp2Y3W7q%2Fh9Yc7u7AHnTYauULgarnG8WI1FFMoD3S83n6LJhm7C4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360ec181b56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
IP: 216.58.207.227:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 21904, version 1.0
Hash: 27b2f94167bce460f3e669c52be7301e de5636d6096f5a29f0764aa563c54f157b1f9de9 51c8eae79bf05bbcc1811da8cb56ff69d87d40bafdce8282fea8a43259b4afcb
GET /s/playfairdisplay/v37/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:44:53 GMT
expires: Fri, 25 Apr 2025 17:44:53 GMT
cache-control: public, max-age=31536000
age: 33918
last-modified: Wed, 31 Jan 2024 23:15:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/images/l24icon.svg | 188.114.96.1 | 200 OK | 831 B |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/l24icon.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: cae499099d1837c60d71f8fc76218484 dfa2ddb26a98f7c4141d7f742d45bc3dcbc12956 e238fbea0b72c3e8e95d15a6ef7a0df8cea76d25d5f00cf088247292fa4e70f5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/l24icon.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"5868f293ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aiY1LNq1W5S6eOoJdAoYy1N9x67gpaifJzNgzg%2BsxDDf0vcuaEmDN7efYcSvPop7VFYeHTbscSj9j6MtAdwfD0Yf1dOIpufn1TmUN3WE9DlWzxXFbX2ILbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d89d1156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.79.73 | 200 OK | 19 kB |
URL: GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
IP: 104.16.79.73:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: cloudflareinsights.com; Fingerprint: 73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00; Validity: Sun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type: JavaScript source, ASCII text, with very long lines (19261), with no line terminators
Hash: 3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a360d42b0b5691-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:400,500 | 142.250.74.106 | 200 OK | 4.4 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:400,500
IP: 142.250.74.106:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (4464), with no line terminators
Hash: b0f2cf0b2cc03ee279ef026dc8f69375 bb3c2f9e3eec3f59ad3704aeaf4e206a769744a4 f71b87e884b3b010c16fc48a499f4e3614d09f3b08c1bf2891ae8d4e8dc6d747
GET /css?family=Roboto:400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 03:10:11 GMT
date: Fri, 26 Apr 2024 03:10:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js | 151.101.193.229 | 200 OK | 84 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP: 151.101.193.229:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65299)
Hash: f81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 23377
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 03:10:11 GMT
age: 6019533
x-served-by: cache-fra-etou8220121-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
IP: 142.250.74.106:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 6f4264922314e197fc902c7a7d4e849c a26f00f96fecb24c29e22253ee9bc7ab3d494087 d3b4c19dd9637fac6d936dd7300b6b18fea5a29c47ca1ad92a0e7a59e7d99e6e
GET /css?family=Roboto:300,400,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 03:10:11 GMT
date: Fri, 26 Apr 2024 03:10:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
IP: 216.58.207.227:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20356, version 1.0
Hash: e78568807d101b47dfd21e34244e072f 4cfc3c246e975c42ef684033a58afdacf8d5f54b 31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
GET /s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20356
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 07:26:49 GMT
expires: Wed, 23 Apr 2025 07:26:49 GMT
cache-control: public, max-age=31536000
age: 243802
last-modified: Tue, 02 May 2023 16:19:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Abril+Fatface&family=Acme&family=Alfa+Slab+One&family=Anton&family=Bebas+Neue&family=Dancing+Script:wght@400;500;600;700&family=Dela+Gothic+One&family=Fredoka+One&family=Kiwi+Maru:wght@300;400;500&family=Lobster&family=Monoton&family=Pacifico&family=Permanent+Marker&family=Ramabhadra&family=Righteous&family=Roboto:wght@100;300;400;700&family=Secular+One&family=Signika:wght@300;400;500;600;700&family=Train+One&family=Viga&display=swap | 142.250.74.106 | 200 OK | 601 kB |
URL: GET HTTP/3 fonts.googleapis.com/css2?family=Abril+Fatface&family=Acme&family=Alfa+Slab+One&family=Anton&family=Bebas+Neue&family=Dancing+Script:wght@400;500;600;700&family=Dela+Gothic+One&family=Fredoka+One&family=Kiwi+Maru:wght@300;400;500&family=Lobster&family=Monoton&family=Pacifico&family=Permanent+Marker&family=Ramabhadra&family=Righteous&family=Roboto:wght@100;300;400;700&family=Secular+One&family=Signika:wght@300;400;500;600;700&family=Train+One&family=Viga&display=swap
IP: 142.250.74.106:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (1981)
Size: 601 kB (600991 bytes)
Hash: d6b9e2ac578182433ae0bd6e35d0ffea 352bd2d9dcbaf6c91fa1e25240980e93b49f78fe 08ab7baceacd957366a018286fb63f1dc781959d724a3f12f3afd6c005acd157
GET /css2?family=Abril+Fatface&family=Acme&family=Alfa+Slab+One&family=Anton&family=Bebas+Neue&family=Dancing+Script:wght@400;500;600;700&family=Dela+Gothic+One&family=Fredoka+One&family=Kiwi+Maru:wght@300;400;500&family=Lobster&family=Monoton&family=Pacifico&family=Permanent+Marker&family=Ramabhadra&family=Righteous&family=Roboto:wght@100;300;400;700&family=Secular+One&family=Signika:wght@300;400;500;600;700&family=Train+One&family=Viga&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 03:10:11 GMT
date: Fri, 26 Apr 2024 03:10:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| app.l24.im/5-es2015.16fc982e6f8a852d9905.js | 188.114.96.1 | 200 OK | 543 B |
URL: GET HTTP/3 app.l24.im/5-es2015.16fc982e6f8a852d9905.js
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, ASCII text, with very long lines (576), with no line terminators
Hash: 04838e447720d651fd3fa1991357d9b7 a0d3b13e07a9c5c74757f0f29478e15f4eb663cb fef557237bfa1adbd147631ce00030e226737297056094d74e7713ecedc6fff6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5-es2015.16fc982e6f8a852d9905.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011; _ga_7N67D0CRJL=GS1.1.1714101011.1.1.1714101014.57.0.0; _ga=GA1.1.1644663986.1714101011; __sg=eyJkZXZpY2UiOiIyOTUwMzI5ODQzIiwiaWQiOiJhZGJkMzQ3Mi1jYTI4LTQ3MDktOGI0ZC02MWZjMmEwYjI2YjkiLCJ1c2VySWQiOm51bGx9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d9a5d02795091f"
last-modified: Fri, 23 Jun 2023 12:42:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3281
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3a7A1cIaxSq6jbDf9sGM2jxmIS703X8RSzx%2BnAmgwjW7G02FBrfHnjIMR7VfAJIrrsLy1a9xZ%2BDIro0MzpBtO3SjTbCGzMxrvQJwDzbgS2cmdtA3x7LXsBGai3G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360ebcf6a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/complainForm.js?v=1.0.10 | 188.114.96.1 | 200 OK | 2.3 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/complainForm.js?v=1.0.10
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (2393), with no line terminators
Hash: 99daf0ccae7cf7fac540c06de8c3d1e3 0acbfaa70adde8a5d0e8631e93f12d60a8bd1f4b f099f3bbfa84acc5d1fa4a81586d3f490f5fd4a4a5026cff7452460862a15af1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/complainForm.js?v=1.0.10 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3399
etag: W/"214fe63497c9d91:0"
last-modified: Tue, 08 Aug 2023 01:25:24 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4XhhQCSLUWOO0XVMjanvZmgy1fxJ70wkoh2aoMB%2BHjaXkKDZ%2BY2rqGuJDJeveJoeFoh0BR4QIgSejq2%2BqZF4u1A%2B3PzdMWQHhb3VZX13fhcuDKIBTgJkRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bbad56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Link+24&url=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser | 188.114.96.1 | 204 No Content | 0 B |
URL: OPTIONS HTTP/3 collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Link+24&url=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: segmage.dev; Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC; Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Link+24&url=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,e,sg,source,u
Referer: https://app.l24.im/
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Fri, 26 Apr 2024 03:10:14 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type,e,sg,source,u
access-control-allow-methods: POST,GET
access-control-allow-origin: https://app.l24.im
access-control-max-age: 604800
vary: Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnrzfqTwR9zUuSuERyEz6qEkKqd%2FnD3ErFdtumfglPAtseW6H%2BlUrtRthnh7iyhFCAArlVW7R79S2%2FJXm6n6lvFqd1%2B%2BH85I9eV5LldcsjIB8T%2FordeXxgSrErxWx1bZaxTsi6zL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360ed387256c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/css/fonts/icomoon.ttf?im35gw | 188.114.96.1 | 200 OK | 1.3 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/css/fonts/icomoon.ttf?im35gw
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon
Hash: 7884770eaf1d93e9eccd036fe0a60a03 ebe3722dfe9ed21ce9528473f44b8f7c6739ad8d 83e9ea82dbfbeea43439acd171ba6882284d1c23bc58b290a603b97ee9b61119
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/css/fonts/icomoon.ttf?im35gw HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/assets/css/font.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/octet-stream
content-length: 1284
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: "e3358193ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxqfDl9rz9%2FhGDMjVsNWj6VhN3T1jrdH%2FGeCUtr9YkLKG%2BAlow3SWKhy9xAP9tE90my2sb0kwUKMlJdwWSqzYf2b3qHB8yrk6ARvrbDcYWRpFGqhlFpif%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d65c6a56b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.segmage.dev/segmage.min.js | 188.114.96.1 | 200 OK | 67 kB |
URL: GET HTTP/3 cdn.segmage.dev/segmage.min.js
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: segmage.dev; Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC; Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 7be0e3ff82027518c342e362e8609c5a e00524c6f06ed4d30ebed607f347bd0cfc72c479 f60b0e6d0bd6c5d921ed03561848edfee90d78c751a068ab639e57cf951e78d5
GET /segmage.min.js HTTP/1.1
Host: cdn.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/javascript
etag: W/"1da867e9a173cf3"
last-modified: Thu, 04 Apr 2024 10:55:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UDmskP8HNszPH9U9EPnNsJBhfWqHhP4hrsb5NGveZbTecuRF62p9%2F8M9g34W4bDX69tqoopjR0F%2B8%2BL0K25%2F%2BUHCKmpF4Mu%2FaJvncyjUDKti2wJOVQFVua5yW15PNd9bHk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a360da3b6a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/polyfills-es2015.7228265d48574b6b5adf.js | 188.114.96.1 | 200 OK | 38 kB |
URL: GET HTTP/3 app.l24.im/polyfills-es2015.7228265d48574b6b5adf.js
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, ASCII text, with very long lines (37660), with no line terminators
Hash: abd2525eedb8a6321c99e53e01d75d37 3fc0cabedaefe7af15964afe691493fd1606203d 649baa63f06598655b146f6ce37865fabe947dfa0f542607899d9864f7588498
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /polyfills-es2015.7228265d48574b6b5adf.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"1d9a5d02401171c"
last-modified: Fri, 23 Jun 2023 12:42:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cw1GUJk0toQkmQhD5IDq0sIinkRtxorABUE%2BM1SZUloEuM15P3OUfTt0CtLilyt%2BglzNL41bDsy%2BO3iYiEgg%2FrdCXuI7oarJVY8mPPlthu1sLdx9IEOKluoJ62Kz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d95e2d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/css/validationEngine.jquery.css | 188.114.96.1 | 200 OK | 2.7 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/css/validationEngine.jquery.css
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with very long lines (2690), with no line terminators
Hash: 616af491bf214240696a2e07a9ac47ef 6fc869162f13dea3e9583a0fda1bf9e19d5fe5ed 405882a14f21c581526ccd4fd332413f8fdb22a706453e45cc9d0d1d2820fa6b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/css/validationEngine.jquery.css HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3077
etag: W/"35169093ea3d81:0"
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnYZ0UH%2BnP56uZ269Xyd%2FDZiDyht%2BQWHArfdgOj4oou9CIvF1Y0sEDb27UZ57JVMg7j8OBP%2BbWmALzvEhXZtKt4f3GW3GPBoPc7tc7%2BMY9mauGRgGGJzMzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d39b9a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/css/owl.carousel.min.css | 188.114.96.1 | 200 OK | 4.3 kB |
URL: GET HTTP/3 app.l24.im/assets/css/owl.carousel.min.css
IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with very long lines (4722), with no line terminators
Hash: 68c468ba252d26cfd29958648502402a ca12a16931ca73835f185d5f552d045dc336bff9 869a17fededd70417a439bce81492d4c3fdf1bc9df4cd9265af10cc4d0b7d2bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/owl.carousel.min.css HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/css
last-modified: Thu, 14 Jul 2022 07:46:28 GMT
etag: W/"1d89755d345b2d0"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGQit45KeA0Dme8VKnhaL0gBq86YH%2B2gyPANz0NJNurMsUYrKzPbkWKjpIHh8vc1PIHsDnsfPXs5tMprh%2F0egV2CA77M0imbJ5dpPY966iFlgXL0ej57Ko2guKQ9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d90d9456b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.segmage.dev/json/0745484d-e935-41b7-aa35-08db89e90583.json | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 cdn.segmage.dev/json/0745484d-e935-41b7-aa35-08db89e90583.json
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: segmage.dev; Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC; Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /json/0745484d-e935-41b7-aa35-08db89e90583.json HTTP/1.1
Host: cdn.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l24.im/
Origin: https://l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://l24.im
etag: W/"1da97239927473f"
last-modified: Thu, 25 Apr 2024 15:16:51 GMT
vary: Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2BxdxVwyxNt4zXciBcgOF2ikSEFOF%2FTvuHcutwWsvn0b5sQFgOTt5yZG%2FTGq2FWt2twRgr33wZg%2FexHtcKNl0T6eD7MB7VJj4rGgncZ3zfGj9ezBGrOs8BTN%2BXJJNBa8GCs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360ec583556c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/css/style.css?v=1.0.8 | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/css/style.css?v=1.0.8
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/css/style.css?v=1.0.8 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=129625
etag: W/"9c2bfe52e2bfd91:0"
last-modified: Wed, 26 Jul 2023 16:57:56 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BpbGSUObC%2FdPL8tVW5RMvYP7tBdC1QGfknkkB%2F%2B8oIrlpK0v53t9FSN%2BpTA%2ByIFylkXxDu%2Fp4ZHZUUgIJ%2BncegVzvEjUgtZOwToCT%2BhGSanwK%2FAbN9NRkZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d39b9756b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 60 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP: 104.18.10.207:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: JavaScript source, ASCII text, with very long lines (59729)
Hash: 61f338f870fcd0ff46362ef109d28533 b3c116c65e6f053aaab45e5619a78ec00271a50f 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"61f338f870fcd0ff46362ef109d28533"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 01/04/2023 07:40:19
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1075
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ab93099d6e8af38645c533f7579fb2bd
cdn-cache: HIT
cf-cache-status: HIT
age: 2867627
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a360d96bc9712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL: GET HTTP/3 fonts.googleapis.com/icon?family=Material+Icons
IP: 142.250.74.106:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (588), with no line terminators
Hash: 959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 03:10:11 GMT
date: Fri, 26 Apr 2024 03:10:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 | 104.16.79.73 | 200 OK | 19 kB |
URL: GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
IP: 104.16.79.73:443
Requested by: https://app.l24.im/GetCurrentUser
Certificate: Issuer: Google Trust Services LLC; Subject: cloudflareinsights.com; Fingerprint: 73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00; Validity: Sun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type: JavaScript source, ASCII text, with very long lines (19261), with no line terminators
Hash: 3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a360d95cee5691-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| l24.im/Home/Main/assets/images/instagram.svg | 188.114.96.1 | 200 OK | 1.8 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/instagram.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 58d3b961880fd0ecb4588350c80db807 21c77b261590dff60da521f85d0ae5f8a66773f3 4cd06ee838a98430216af7fa3b408db1f73cefea6506406b83336ba57a01a5c8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/instagram.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"24899e93ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYYuWDEefPPUVIZQ8nizHwA2cCuTmUuNq8BAkgRjyFrtE7PVdqe9B7LHe6fFb1lS6fjKbKnpLfEXZ%2FW3v00wm9Ee4OyjjOHWpSuNe0k0wsuVkW6s3VVxj0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3aba356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/images/linkedin.svg | 188.114.96.1 | 200 OK | 944 B |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/linkedin.svg
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image
Hash: 129ff0f3bbb95c68b773a35d80a97972 e70bc68fe46bc9c32b80ce086cc1deb69ab107c9 646bd8a75ddcb5ce6cb09da18dde2dc60020d8dfeef2c6f91d4b2a460343257a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/linkedin.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"82998a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6S%2FgUhJf8YF1OaeNJ3W1aX9hESk5MDEEOqhO%2FCo3wX%2F52eOPhXLx1mKpVbsUIh5pYGOPBSChMZKXgbjZyrFJgfxs8YkY7HYp3fH7v6j3BJryAzGcnfMc2R8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3aba456b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/jquery.TelMask.js?_=1714101011040 | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/jquery.TelMask.js?_=1714101011040
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 8f996c4c40ce49e85bc289c47a94667f da4d88c55ee9adb8c476008dac2753450fb3af23 667f4b1a1e9525e9383ecba5d39ac44391cc8fce58432351fd0c0d7cdbf4ee21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/jquery.TelMask.js?_=1714101011040 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 11:26:26 GMT
etag: W/"0dd16a3ea3d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkdXVr%2BI4Rodv2NNVrwEdb1G30MqbW4HkUm%2Bc4%2Bde%2B%2BfEAxMAmFF75eWL5TH4J6T81w0gC4nKooVeChRygRY9wV9GzGpOUd1H8o6p2c%2BAYXFBum6vaZcBQY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d76cbf56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/intlTelInput.js?_=1714101011041 | 188.114.96.1 | 200 OK | 71 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/intlTelInput.js?_=1714101011041
IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html
Certificate: Issuer: Google Trust Services LLC; Subject: l24.im; Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63; Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/intlTelInput.js?_=1714101011041 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 11:26:26 GMT
etag: W/"0dd16a3ea3d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a967RQ3Xao5Dc5KRM4tMTm2Gd9%2FAkTZ4zT%2FUOq1Bw4pRVti4GoIim9XKij52WL%2FYMN0T9vfmXLdnkEAQ7BsdXXhGVMlIMtDKjREEYeduqN1xx%2F6KmGJLfRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d76cc156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/GetCurrentUser | 188.114.96.1 | 200 OK | 4.9 kB |
URL: GET HTTP/3 app.l24.im/GetCurrentUser IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5274), with no line terminators Hash: 8b7838bc88fb915da6e71fa22852094e 924f10e45ce8d1a608e9b59103cb707acb254032 c55a2f228310bf41b97cc132cbaeb1c6ef0d692f773d52970819370fd44f44e9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /GetCurrentUser HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/html
last-modified: Wed, 16 Aug 2023 14:42:11 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Im26qTHYjk5BNmU0AzfENvZ2Kq2JPggplBwQukNX3rsZEQq3UbiVpq3qh4tYsCyRX2g73hiw0G4JTE53AukB5Nfy438Qq%2BbUpwzkAxl0OVNYNf3Hv4pqSucVjNo6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d7ecdf56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.segmage.dev/segmage.min.js | 188.114.96.1 | 200 OK | 67 kB |
URL: GET HTTP/3 cdn.segmage.dev/segmage.min.js IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: segmage.dev Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: 7be0e3ff82027518c342e362e8609c5a e00524c6f06ed4d30ebed607f347bd0cfc72c479 f60b0e6d0bd6c5d921ed03561848edfee90d78c751a068ab639e57cf951e78d5
GET /segmage.min.js HTTP/1.1
Host: cdn.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:13 GMT
content-type: text/javascript
etag: W/"1da867e9a173cf3"
last-modified: Thu, 04 Apr 2024 10:55:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3282
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAz2e7g9epkObIC2I9VglZr4EIVttK0o4%2FMrNkiDZFzpxzw7kPWb2j8aso7sTvC2qx%2Fc36vql8U4%2BIbtzabeMh1ycY8wkP8P9Pytl67o%2FtJMNP2e9KKS4UHnAtF9bNccTH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a360e82f2356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700 | 142.250.74.106 | 200 OK | 8.7 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,500,700 IP: 142.250.74.106:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (8956), with no line terminators Hash: 91804c0df51e58b0bf469561e1ac2732 cc5a9023e310b49ef8f8ae32bb89ea774fe116ec 8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa
GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 03:10:11 GMT
date: Fri, 26 Apr 2024 03:10:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.segmage.dev/json/0745484d-e935-41b7-aa35-08db89e90583.json | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 cdn.segmage.dev/json/0745484d-e935-41b7-aa35-08db89e90583.json IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: segmage.dev Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /json/0745484d-e935-41b7-aa35-08db89e90583.json HTTP/1.1
Host: cdn.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.l24.im/
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://app.l24.im
etag: W/"1da97239927473f"
last-modified: Thu, 25 Apr 2024 15:16:51 GMT
vary: Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEXnvyKiU4HCbcQJr5K2ZZtzUXBBkRTS56XIaSdCO8CfnXn2yYYIiUg94Wf9slvGltViaDQfbNweKKRugSHSDxeu%2BylQ18%2FK3Vh8fUFqMJmnkMJythcfjATrOY8u1NzCHpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360ec683a56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/css/general.css | 188.114.96.1 | 200 OK | 54 kB |
URL: GET HTTP/3 app.l24.im/assets/css/general.css IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with CRLF line terminators Hash: 9430f603c397f4f0165c0089a308c586 7895d8a5c874d4085de84195218549814df73de3 ef11e6dfb581a3c69a9be7a460ff0c5ce562bf648508d4db51c95620a68599ce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/general.css HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: status=cannot_optimize
etag: W/"1d9a4e4fb50426e"
last-modified: Thu, 22 Jun 2023 08:38:56 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17VKYSMuUQT6usjyV1PncmzK9hjHpzVh2jpXXlZNIoEjBwc%2FPL6sPhIM3RODGIwXdH1HkzbXMyVv5fAYy%2FRJDBKtAx4IWpjDPyLyLKBPyZlf1XZQNnTQbPREHS4L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d93dea56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/js/owl.carousel.min.js | 188.114.96.1 | 200 OK | 44 kB |
URL: GET HTTP/3 app.l24.im/assets/js/owl.carousel.min.js IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: JavaScript source, ASCII text, with very long lines (31997), with CRLF line terminators Hash: 47c357c05cb99cedbac2874840319818 d8b05365de4b760618328fdeef7672e8374978e4 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/owl.carousel.min.js HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Cookie: _gcl_au=1.1.1501295584.1714101011
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: application/javascript
last-modified: Thu, 14 Jul 2022 07:46:28 GMT
etag: W/"1d89755d3450f3c"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyUHWXSOOonDAeOb%2Bokanm1K8JgeLseqldg70%2FTQzh5JHgj7b%2Bnq8qxe%2FRRpdf6Nbya%2BLrBzylVaNrsu3YskoY98h%2F83T1Jo1Avq9jGbS34W%2BwOek%2ByTXjltZiXJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d94dfb56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Link+24&url=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser | 188.114.96.1 | 200 OK | 36 B |
URL: GET HTTP/3 collect.segmage.dev/js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Link+24&url=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: segmage.dev Fingerprint: 6C:3B:84:6E:76:05:F9:D3:09:F6:6C:5E:83:77:A0:92:03:30:BB:BC Validity: Sun, 14 Apr 2024 03:40:30 GMT - Sat, 13 Jul 2024 03:40:29 GMT
File type: ASCII text, with no line terminators Hash: 76e84a5a3d780aeceaa38e71ed3ba72f 5d2868740f23aeae915f3e0df8eb9ed26e00fa53 43ee7b36082ddff905f57d334b00d94693350bb34baf447104ab2170a3297cae
GET /js/10d3aa95-1198-4243-85f5-08db896bd4f1?title=Link+24&url=https%3A%2F%2Fapp.l24.im%2FGetCurrentUser HTTP/1.1
Host: collect.segmage.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
source: 0745484d-e935-41b7-aa35-08db89e90583
sg: adbd3472-ca28-4709-8b4d-61fc2a0b26b9
u: null
e: PAGE_VIEW
Origin: https://app.l24.im
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:14 GMT
content-type: text/plain; charset=utf-8
content-length: 36
access-control-allow-credentials: true
access-control-allow-origin: https://app.l24.im
vary: Origin, Origin
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jC9DjdmCDomeeIasgrWwT5RHKDr5O8MfzcsoqtZS63e30YOMgnLRwOnvwm58lq2pxUy%2FwtHoCwWxT2qkWjey4AH7wsToLSVu1ySPGvnBrpx30hHL08%2Fgz7VWMbuhA6K7eZozGsOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a360ee58c156c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| app.l24.im/assets/css/owl.theme.default.min.css | 188.114.96.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 app.l24.im/assets/css/owl.theme.default.min.css IP: 188.114.96.1:443
Requested by: https://app.l24.im/GetCurrentUser Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: ASCII text, with very long lines (1028), with no line terminators Hash: d40b17f73c40ed35e66bb2c80c723f0c e4eff54ed831a3852bad85c32fd18d80c0a11968 7246c1cd8950cc4773ef992278ca5438cca7684f8b4309a86f32a6c678ded313
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/owl.theme.default.min.css HTTP/1.1
Host: app.l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://app.l24.im/GetCurrentUser
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:11 GMT
content-type: text/css
last-modified: Thu, 14 Jul 2022 07:46:28 GMT
etag: W/"1d89755d345a1fa"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3280
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kS37Cj%2B2oho7uLypmFnnybIOakoXvs7dBMbBezxRCe9iXeBzmiO%2FHHhr3p2jijmNKKh8SregwLmJLWK120PsHZ70%2F2IoD%2FExYtOL8CJksCEyU5pVC9RhrKgPsw7l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d90da156b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/jquery.validationEngine.js | 188.114.96.1 | 200 OK | 31 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/jquery.validationEngine.js IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/jquery.validationEngine.js HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=33092
etag: W/"30c52aa3ea3d81:0"
last-modified: Fri, 29 Jul 2022 11:26:26 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8P3sMcGTb0WrmQEgSQ1LMQuCeyVFYIDGm86UNpCpNlSacVIYqcyGq3Hv6nQqCWplvoFnwiNBZy9f7YTOSPAaE3jhbX8FdF5xDlibbsqUkn%2FQ4uTALFylyNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bbab56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/js/site.js?v=1.0.4 | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 l24.im/Home/Main/assets/js/site.js?v=1.0.4 IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/js/site.js?v=1.0.4 HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=14114
etag: W/"9940a7d694c9d91:0"
last-modified: Tue, 08 Aug 2023 01:08:27 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKrpfHXm9w%2BdOZ5moKcv2V%2FE40dVf0NdiBPiOEJ6hSeqOvRG5f%2BZ%2B98CpHVf1zdrhx3e2cKxE%2BMxasS9yYKya%2BhfOH5o8fcKwInZS1VHy0j7xY%2FzQL0kSJo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3bbaf56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l24.im/Home/Main/assets/images/menuicon2.svg | 188.114.96.1 | 200 OK | 397 B |
URL: GET HTTP/3 l24.im/Home/Main/assets/images/menuicon2.svg IP: 188.114.96.1:443
Requested by: https://l24.im/Home/Main/en/report-abuse.html Certificate Issuer: Google Trust Services LLC Subject: l24.im Fingerprint: A8:C0:26:5A:F1:5E:BC:99:14:92:9F:04:2D:87:E6:60:C5:F3:61:63 Validity: Mon, 01 Apr 2024 09:05:27 GMT - Sun, 30 Jun 2024 09:05:26 GMT
File type: SVG Scalable Vector Graphics image Hash: f78787de5ef78e47fdcc6fe4b59ae29c 46fb390275fd2a975dd256cc6100d522b375f2fb cc0a880d0d6e1ee1a2ecbcf1bc99ee2647ce9b837aedc2332e5b934e9d14aa2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Home/Main/assets/images/menuicon2.svg HTTP/1.1
Host: l24.im
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://l24.im/Home/Main/en/report-abuse.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:10:10 GMT
content-type: image/svg+xml
last-modified: Fri, 29 Jul 2022 11:26:25 GMT
etag: W/"35db12a3ea3d81:0"
x-powered-by: ASP.NET
cache-control: max-age=345600
cf-cache-status: HIT
age: 3279
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwDqTP9Cu%2B4hZZkYDsvHg2Ulqjq5d6coZ7eCpQHxtvoiUADZgzL9dEto%2FRxznyeolzoLRjAzs7owNTPND4gH3htLkRpPnH%2BhUbsGKkZPwhPjl7fMDMQhEbQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a360d3ab9f56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|