| cdn.discordapp.com/attachments/1232353276025114708/1232353295092158494/dfvergr8.mp4?ex=662925f1&is=6627d471&hm=8bff2d4d6db619ecce286dab5653043b919f180941b03b94350e812e9e240d7d& | 162.159.135.233 | | 36 B |
URL cdn.discordapp.com/attachments/1232353276025114708/1232353295092158494/dfvergr8.mp4?ex=662925f1&is=6627d471&hm=8bff2d4d6db619ecce286dab5653043b919f180941b03b94350e812e9e240d7d& IP162.159.135.233:0
File typeASCII text, with no line terminators Hasha1ca4bebcd03fafbe2b06a46a694e29a ffc88125007c23ff6711147a12f9bba9c3d197ed c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
GET /attachments/1232353276025114708/1232353295092158494/dfvergr8.mp4?ex=662925f1&is=6627d471&hm=8bff2d4d6db619ecce286dab5653043b919f180941b03b94350e812e9e240d7d& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/plain;charset=UTF-8
content-length: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umf6tx8P%2BXZw%2BgfTXdRgtqDaY9QQRzX0OlwPtFSbl2tyFW9ad3a0SWcG8KA3rDgV0D4GjVExayVpDqVx5pOvJ%2BKPxoyUKfMv%2Fh6TtbT3EpAnsvPln3bJ6rz7aoiKgao6zWmWag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=UT8Hj5OOHK25sb9blrlanrykCT45CsW_mkojBTwr8Y0-1714176412-1.0.1.1-ofppELxaHxs_vak1Uie0lGu4GAYl.YxEJRY5jXmuJEAKcrCeBfGLi9ZIrLTZNOCNcMrBy2Ec2sQtsWCyCDUr6Q; path=/; expires=Sat, 27-Apr-24 00:36:52 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=vI6f.GF3a0KY4CYq8QtMzFhZBYgB4aZU3UmaPxhrTY8-1714176412903-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87aa91b49e871bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| b.yzcdn.cn/vant/icon-demo-1126.png | 154.85.69.54 | 200 OK | 8.9 kB |
URL GET HTTP/2b.yzcdn.cn/vant/icon-demo-1126.png IP154.85.69.54:443 ASN#139057 LEGEND DYNASTY PTE. LTD.
CertificateIssuersslTrus Subject*.yzcdn.cn Fingerprint6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashf87c46f346a5548224ccbe0b6bd75df5 8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4
x-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(baishan)
X-Firefox-Spdy: h2
|
|
| cowy83aex.cc/socket.io/?EIO=3&transport=websocket | 104.21.17.252 | | 0 B |
URL cowy83aex.cc/socket.io/?EIO=3&transport=websocket IP104.21.17.252:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://cowy83aex.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: khsVRxM6YfR8x5cNI03hRQ==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 00:06:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DSa97QSBgzs/wK45xLApJp7/n+U=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPmQV2yBR%2BNwkDryZfuY7UNNR4migNMkQ7nu1BYLBCqYz5%2F4%2FXwn2OpHbuYLW7VUmaiedCNX%2Fn%2FX06uv3K7EfLcS5OZnmudzMI0iaaWoUhrH8qvAkUw0alnWTUIRlfc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa91b44b12568e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cowy83aex.cc/img/icons/apple-touch-icon-152x152.png | 104.21.17.252 | 200 OK | 4.0 kB |
URL GET HTTP/3cowy83aex.cc/img/icons/apple-touch-icon-152x152.png IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
File typePNG image data, 152 x 152, 8-bit/color RGB, non-interlaced Hash1a034e64d80905128113e5272a5ab95e 92328e60f63d690f33cd4961b9934a539dc29b82 4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:53 GMT
content-type: image/png
content-length: 4046
last-modified: Fri, 26 Apr 2024 15:43:39 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRrWG%2FA7LvgIXMvUT%2FMWBt0ioAJQ6yG142Z8jjwB3YobIcHZ9GK6qHgkm8iv3X4NDVX30EafoVzWnK4wuVhm8zm2ji7szAt6QReUkfIYxlRCya4Neo67WnD5EKEZdYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa91b5ee315691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cowy83aex.cc/js/app.ecc1f801.js | 104.21.17.252 | 200 OK | 28 kB |
URL GET HTTP/3cowy83aex.cc/js/app.ecc1f801.js IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash98af046e8d379b491e75701d15e3d5ac 48b1ffd9206d42a078c6b4dc6d224690d12f2e32 90c562ace11b148c062c4a43e6eecacadd7bb8730691d6a2d875215bc0b50e56
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/app.ecc1f801.js HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:43:51 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1460
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3J%2FWQnJ6qv9LTFMnCkB4317NN9QR32yXtgi50sp9wfuZZ3EBwpsdy9IvKTObo1gWEGWy3xdhfDjPMEfcJ0ihRibx20FyGsEzR4539S3khTGo%2FKmW4xROzANyMLrbFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa91b15c905691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cowy83aex.cc/getlog | 104.21.17.252 | 200 OK | 9.7 kB |
IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
Hashf04872c735636383f6545ee032ba5ed1 7816a316b3f1ac3097b26b71d31a3879efceefc5 03cb3a2ea34c274c9583e2ccad70b3ede18dee2e2fcb039fc976875b0e4a6995
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /getlog HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/enter/register
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:57 GMT
content-type: application/json; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsYhQBhtuF%2Fh7gefstwAbWkNbMeoX1CnkaGlBLtC4JHo%2B2MjAMGhRu7HlzRftZpkixzgx9StTVt3SEEThrFJNYITgnev%2BLZY6wyUzkXq%2FemnNDoPMF0laTn%2BaxECIu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa91b41d8b5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cowy83aex.cc/js/chunk-vendors.ea790e22.js | 104.21.17.252 | 200 OK | 949 kB |
URL GET HTTP/3cowy83aex.cc/js/chunk-vendors.ea790e22.js IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
Size949 kB (949174 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:43:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1460
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n48LuuTdRzdfHRSxc475pzG3ysOF3Od6n0sYYISekvpWCxOxUsKbmsA2IooGT2U3iDZK%2Fprdz508NoUs6vA8ll2lwDqYDmgRpzukEgAZAYNerCHJID0FOcECD2pYloQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa91b15c8f5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/attachments/1232353276025114708/1232353295092158494/dfvergr8.mp4?ex=662925f1&is=6627d471&hm=8bff2d4d6db619ecce286dab5653043b919f180941b03b94350e812e9e240d7d& | 162.159.135.233 | 404 Not Found | 0 B |
URL GET HTTP/2cdn.discordapp.com/attachments/1232353276025114708/1232353295092158494/dfvergr8.mp4?ex=662925f1&is=6627d471&hm=8bff2d4d6db619ecce286dab5653043b919f180941b03b94350e812e9e240d7d& IP162.159.135.233:443
CertificateIssuerCloudflare, Inc. Subjectdiscordapp.com Fingerprint97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39 ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /attachments/1232353276025114708/1232353295092158494/dfvergr8.mp4?ex=662925f1&is=6627d471&hm=8bff2d4d6db619ecce286dab5653043b919f180941b03b94350e812e9e240d7d& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/plain;charset=UTF-8
content-length: 36
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=umf6tx8P%2BXZw%2BgfTXdRgtqDaY9QQRzX0OlwPtFSbl2tyFW9ad3a0SWcG8KA3rDgV0D4GjVExayVpDqVx5pOvJ%2BKPxoyUKfMv%2Fh6TtbT3EpAnsvPln3bJ6rz7aoiKgao6zWmWag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=UT8Hj5OOHK25sb9blrlanrykCT45CsW_mkojBTwr8Y0-1714176412-1.0.1.1-ofppELxaHxs_vak1Uie0lGu4GAYl.YxEJRY5jXmuJEAKcrCeBfGLi9ZIrLTZNOCNcMrBy2Ec2sQtsWCyCDUr6Q; path=/; expires=Sat, 27-Apr-24 00:36:52 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=vI6f.GF3a0KY4CYq8QtMzFhZBYgB4aZU3UmaPxhrTY8-1714176412903-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87aa91b49e871bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cowy83aex.cc/img/icons/favicon.svg | 104.21.17.252 | 200 OK | 2.7 kB |
URL GET HTTP/3cowy83aex.cc/img/icons/favicon.svg IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
File typeHTML document, ASCII text, with very long lines (2873), with no line terminators Hash7e9b7ba4733a3ee0d169bafd2e4777a0 7ef418e706ae5835eecb8b091b0ecc29993aad01 dcf7c3bbdaee4b80cb6dba54e88f3cdcdd8b199b3705bf03849aa9ace594c178
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:53 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 7095
last-modified: Fri, 26 Apr 2024 22:08:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FuINMrE14raPLU%2F0cHz2bkNZ5vH%2BrYs%2BNYDDg0k4Db65Y7BtteBFWp4QMh3jp%2BL8Wj7qiNZb0CI34MJRc7SoGSClAVz30pcVs7ciHDgo2rgLahMHtnFKBoZML6lBApo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa91b5ee325691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.17.252 | 200 OK | 2.7 kB |
URL User Request GET HTTP/2IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
File typeHTML document, ASCII text, with very long lines (2873), with no line terminators Hash7e9b7ba4733a3ee0d169bafd2e4777a0 7ef418e706ae5835eecb8b091b0ecc29993aad01 dcf7c3bbdaee4b80cb6dba54e88f3cdcdd8b199b3705bf03849aa9ace594c178
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:43:34 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=en3jvIhdIzwh4hJUyMl3ITNvXxlm89RDLCU9G%2F9GohhpcPXJRxKFXCFCoQQmNPqoqYHnntwrLTQiAvNmelCmtgu4nZvNLcP5sdVKj10inDlNqJpTait0vONVCYwMJM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa91ae8a71712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cowy83aex.cc/css/chunk-vendors.c57533e1.css | 104.21.17.252 | 200 OK | 156 kB |
URL GET HTTP/3cowy83aex.cc/css/chunk-vendors.c57533e1.css IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size156 kB (156544 bytes) Hashebfffebc1f62c3be51082e6595a0a005 e278fbd6fd48150b3f366b50ed388983d934978c f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:43:33 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oqjutw8ghO8tTMAR%2FmxPFEsPZxWICM3Fks5%2FTpCNOW%2BmADU824ZObOK61Iz8xyAzyRrDCJ1ZFKiGsnVPlYCKsJTXH4VVsGHho2NXS6nhP1TaZB5gQ9c00KR5djth5MU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa91b15c915691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cowy83aex.cc/css/app.7808801c.css | 104.21.17.252 | 200 OK | 14 kB |
URL GET HTTP/3cowy83aex.cc/css/app.7808801c.css IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
File typeASCII text, with very long lines (14103), with no line terminators Hash09bda476e97e84f4991aa7f962c1a847 11058b19e444399d43119af97da784641f81bdbd c7b8c8a9e2240d4749e76faf713c062b80be5568116bcf58249d6a9a3e8f27f9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/app.7808801c.css HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cowy83aex.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 Apr 2024 00:06:52 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 26 Apr 2024 15:43:31 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zATXuMhOQ1J15fHhUJ%2BE5T0y1IOIePwntQrxezcuB9Yq0dzD3lqbCWp%2BFgcos5HnInOiqmCHPPDa72x5MIPk6VpKkyCqQ0qTVxsa22EWJSl7NQE1BC9jsuHwOD7dTFY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa91b15c925691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cowy83aex.cc/socket.io/?EIO=3&transport=websocket | 104.21.17.252 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1cowy83aex.cc/socket.io/?EIO=3&transport=websocket IP104.21.17.252:443
CertificateIssuerGoogle Trust Services LLC Subjectcowy83aex.cc Fingerprint49:DC:F3:EA:2A:69:44:FB:A1:0C:F4:F9:FE:51:E9:06:FF:46:B5:24 ValidityThu, 25 Apr 2024 08:35:31 GMT - Wed, 24 Jul 2024 08:35:30 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: cowy83aex.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://cowy83aex.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: khsVRxM6YfR8x5cNI03hRQ==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 27 Apr 2024 00:06:53 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DSa97QSBgzs/wK45xLApJp7/n+U=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FPmQV2yBR%2BNwkDryZfuY7UNNR4migNMkQ7nu1BYLBCqYz5%2F4%2FXwn2OpHbuYLW7VUmaiedCNX%2Fn%2FX06uv3K7EfLcS5OZnmudzMI0iaaWoUhrH8qvAkUw0alnWTUIRlfc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87aa91b44b12568e-OSL
alt-svc: h3=":443"; ma=86400
|
|