IP: 104.21.235.125:0
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET / HTTP/1.1
Host: pnrtscr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 20:41:57 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Apr 2024 21:41:57 GMT
Location: https://pnrtscr.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFfvlAnvfWv6dg93naAgXimOKWifOKAOrhVMavfnJOlEF4oifGTWAJa53sRpYHqbf3pr%2BzIhxMkc3pDeu27rjwyAWoTpCN%2FhGMOgjD7QS52q9H70e81ZB0kAyViazA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a965881fa07731-LHR
alt-svc: h2=":443"; ma=60
URL User Request GET HTTP/2
IP: 104.21.235.126:443
Certificate
Issuer: Let's Encrypt
Subject: pnrtscr.com
Fingerprint: 53:F1:19:68:6F:2D:E4:C7:2B:BB:78:77:0E:01:AE:8C:50:AA:AA:84
Validity: Wed, 24 Apr 2024 09:42:16 GMT - Tue, 23 Jul 2024 09:42:15 GMT
File type: HTML document, ASCII text, with very long lines (460)
Hash: f423f8c8f6af26ae106e61e792cc60ee a5c7f8958468315b0043f7ec2f71294ecd02f6a7 8a4c759711610dcef2b09ef6ec245406506a73a85749e17e911c7f47eb3efd93

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /qlo1so%5E HTTP/1.1
Host: pnrtscr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 522 No Reason Phrase
date: Fri, 26 Apr 2024 20:42:14 GMT
content-type: text/html; charset=UTF-8
content-length: 7056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFNWpr13pkvZFNdi8BqznqZr35RkY13wA3YMLg6MapIu5tQrz%2FWR9xWB0jS6M0aogOYoG5qw3%2BOAYNLhM7%2FC2mKvFfR6FjNGzirFmfBfWRMgl7lPoxJaO5YPrTeABQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 87a96575ac8c94e4-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
URL User Request GET HTTP/2
IP: 104.21.235.125:443
Certificate
Issuer: Let's Encrypt
Subject: pnrtscr.com
Fingerprint: 53:F1:19:68:6F:2D:E4:C7:2B:BB:78:77:0E:01:AE:8C:50:AA:AA:84
Validity: Wed, 24 Apr 2024 09:42:16 GMT - Tue, 23 Jul 2024 09:42:15 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /qlo1so%5E HTTP/1.1
Host: pnrtscr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 20:42:14 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Apr 2024 21:42:14 GMT
Location: https://pnrtscr.com/qlo1so%5E
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Okp84C03J2qbePC9jdl6U3MC9iSsfkx8gL%2B5YVFuyAcEkjnP4sGD7H7I2x%2Flg3nslMEjMHaaN5aUVLrqPAaBQ6GbUFrd9R%2BE%2F8sXz1qk2MeRmt5D1kqumh2u0dZ7fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a965ef6a6d24f2-LHR
alt-svc: h2=":443"; ma=60
IP: 104.21.235.125:0
File type: HTML document, ASCII text, with very long lines (460)
Hash: bf1f22b42ddb044ade462783e09e315b c4dfc5c46d5d2b754dabfc21c17ca2c21039ee9a 6629d0654298ede8c9c06b4c2e3862f9e0c0fde89d975eac239f3172f8a573ef

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET / HTTP/1.1
Host: pnrtscr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 522 No Reason Phrase
date: Fri, 26 Apr 2024 20:42:17 GMT
content-type: text/html; charset=UTF-8
content-length: 7056
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJknKplDckz7wTWd7%2FwPHzKAckexKeTFSvKHE%2BDQE%2BnO4ZmpgZ71UUWLZ80Vnx9RNPy%2BA%2F2oTLLewjyaJY7E1MdpG9kQCIqH8KTWWN3Bn5149GlXXfhvI23Y5QqCjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 87a96588baf7948c-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2