| feeram3x.cc/js/app.20c8416a.js | 172.67.187.148 | 200 OK | 26 kB |
URL: GET HTTP/3 feeram3x.cc/js/app.20c8416a.js IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 5aaaba666c5ca5fa034181f89e56269f 98beb12b0feb7848549620a240bdf11e6b6ff435 2452b7d59919d04bc5ec3bc756c3ecd14decb34db17cea2b4258f765c5580aa2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/app.20c8416a.js HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/img/icons/favicon.svg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:10 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 10 May 2024 08:23:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuwJWYcOJCospgTDLQWIWiemYX%2Fl3O5bghzNFWvd%2B0prkUEwLWp7XI1cJOk7CrB1m%2BzamrV%2Fo2Bycgz22EvncZwSIVgUOqU%2BDdZeHBYHHokin0sry2P1DEq309gXtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c0073a07712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/attachments/1238156399721185334/1238156427558654013/dfb156e.mp4?ex=663e4288&is=663cf108&hm=2d79d5623c8b2d251d7e2af5f5436245f251be095554581baacb31c013a0a6d0& | 162.159.129.233 | | 233 B |
URL: cdn.discordapp.com/attachments/1238156399721185334/1238156427558654013/dfb156e.mp4?ex=663e4288&is=663cf108&hm=2d79d5623c8b2d251d7e2af5f5436245f251be095554581baacb31c013a0a6d0& IP: 162.159.129.233:0
File type: XML 1.0 document, ASCII text, with no line terminators; Hash: 7b0553fcff1ba00dd300568febb5e7eb 5cd82fdf167f8c9370262619b7fa53ea014d5cec 6714eb016a51486ae0c328b25410cef9491515e67949c6d4e302526913169b58
GET /attachments/1238156399721185334/1238156427558654013/dfb156e.mp4?ex=663e4288&is=663cf108&hm=2d79d5623c8b2d251d7e2af5f5436245f251be095554581baacb31c013a0a6d0& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 10 May 2024 11:57:11 GMT
content-type: application/xml; charset=UTF-8
content-length: 233
cf-ray: 8819c0131f1d56c7-OSL
cf-cache-status: EXPIRED
accept-ranges: bytes
cache-control: public, max-age=31536000
content-disposition: attachment
expires: Sat, 10 May 2025 11:57:11 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-guploader-uploadid: ABPtcPpj-DdBLWK1tpZko1DhySL4SuqzBykwGh7N6TXhxxOgbK-W4FoIOQnFy_FLLy__gOoDpyQ
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2grS2BgIdS4KfJ6V2ACvAYcNDAi3oP9eEvNTFO3%2FMSmnKWCZG9umXHdJ2YsUE4gh2k0wBxWWMHsvlvL4D6VDyXS3nmiKqGNIoa6no49FaAnMEg1G7HF5Ptjshu%2FaWzC8VB6Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=3RATflagS2NZNaNBzyJ1WopfH86n3V3gB38I11UMUmg-1715342231-1.0.1.1-kFfUghtMTzePa5BOzN6jVw9OxjmYcRCK5T15RsuZpWM1W.sXwi.L_.TaGtbKSNEP0WEmOqlSZL026SuGyrGSQA; path=/; expires=Fri, 10-May-24 12:27:11 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=26MVYcapytW5or25FhcbwMZSiWsC5Btlo0Fru8QZd1Y-1715342231738-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| femkk4ax.cc/socket.io/?EIO=3&transport=websocket | 172.67.150.235 | | 0 B |
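URL: femkk4ax.cc/socket.io/?EIO=3&transport=websocket IP: 172.67.150.235:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of empty input: no response body was hashed for this transaction)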
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: femkk4ax.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://feeram3x.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3a66qJW6zjOoKnh3Eh/ACg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 10 May 2024 11:57:11 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: VRiusHtHRvVcvPweTGPK6EQLufI=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CSQHcpjF%2BXLsN8VpyqCsTCYpUrV08oUq86og3DMTUEF6vK6AEjefhA%2FMTdQwwi5M5xuUO%2Bk1BSWA8mFhui6I%2FvMst8TcmndeAH%2F7MclNNrNb686m4sf4YyZoD0aJKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8819c012ee9856bf-OSL
alt-svc: h3=":443"; ma=86400
|
|
| feeram3x.cc/img/icons/apple-touch-icon-152x152.png | 172.67.187.148 | 200 OK | 4.0 kB |
URL: GET HTTP/3 feeram3x.cc/img/icons/apple-touch-icon-152x152.png IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
File type: PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced; Hash: 1a034e64d80905128113e5272a5ab95e 92328e60f63d690f33cd4961b9934a539dc29b82 4d9685d610c4411caadd8d36ce94d3303cf5b05c8e04d67fc232c16a4469a135
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/apple-touch-icon-152x152.png HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/img/icons/favicon.svg
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:12 GMT
content-type: image/png
content-length: 4046
last-modified: Fri, 10 May 2024 08:23:37 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TNMEQ8hdLU%2FM6Vq%2FpnVvHQzrcEe4Sgb7%2BVUCBjeuBYPYeU%2FTbAXsCYBHoUS6B2AtxFS0eWxPo5F9wxbLTE%2FpXddwGii%2FwKJOtqP4xp6bnfyUMbh5rm%2BCWUAwV4lUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c0159b36712e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.sectigochina.com/ | 104.18.38.66 | | 472 B |
IP: 104.18.38.66:0
Hash: 12650d96eac59b7ac2f24d7ad085c8ba 89ec765ffac48207f6bf73085cd4d0cd3858bf9e 58054f19bb692f233f1c6c9667262ce6e998627ae3a60b5b0aab327c425a4d1a
POST / HTTP/1.1
Host: ocsp.sectigochina.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 11:57:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 May 2024 12:42:44 GMT
Expires: Wed, 15 May 2024 12:42:43 GMT
Etag: "89ec765ffac48207f6bf73085cd4d0cd3858bf9e"
Cache-Control: max-age=435018,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8819c01dae21b50b-OSL
|
|
| b.yzcdn.cn/vant/icon-demo-1126.png | 154.85.69.57 | 200 OK | 8.9 kB |
URL: GET HTTP/2 b.yzcdn.cn/vant/icon-demo-1126.png IP: 154.85.69.57:443 ASN: #139057 LEGEND DYNASTY PTE. LTD.
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: sslTrus; Subject: *.yzcdn.cn; Fingerprint: 6A:A8:BA:7C:D4:B4:86:0B:74:EB:E6:19:C8:69:2E:8B:13:6C:1E:1B; Validity: Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced; Hash: f87c46f346a5548224ccbe0b6bd75df5 8e8b8bd4ba3e6b6c8557d94a726061fdd62492fd b6304eb9b754d38d3ad74d0acce42c156536840351368ed3e4895a6b50cd9370
GET /vant/icon-demo-1126.png HTTP/1.1
Host: b.yzcdn.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:57:13 GMT
content-type: image/png
content-length: 8886
server: openresty
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
access-control-max-age: 2592000
cache-control: public, max-age=2592000
content-disposition: inline; filename="icon-demo-1126.png"; filename*=utf-8''icon-demo-1126.png
content-md5: +HxG80alVIIkzL4La9dd9Q==
content-transfer-encoding: binary
etag: "Fo6Li9S6PmtshVfZSnJgYf3WJJL9"
last-modified: Mon, 26 Nov 2018 11:08:05 GMT
x-reqid: YyIAAAASg9geDiAX
x-svr: IO
x-qiniu-zone: 0
x-log: X-Log
x-ser: BC5_dx-lt-yd-zhejiang-huzhou-3-cache-7, BC165_lt-obgp-fujian-xiamen-33-cache-1, BC132_IT-Lombardia-Milan-1-cache-1, BC46_DE-Frankfurt-Frankfurt-11-cache-4
x-cache: HIT from BC46_DE-Frankfurt-Frankfurt-11-cache-4(baishan)
X-Firefox-Spdy: h2
|
|
| feeram3x.cc/js/chunk-vendors.ea790e22.js | 172.67.187.148 | 200 OK | 949 kB |
URL: GET HTTP/3 feeram3x.cc/js/chunk-vendors.ea790e22.js IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
Size: 949 kB (949174 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of empty input, so the 949 kB body reported here was not hashed and these values do not identify the file)
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/chunk-vendors.ea790e22.js HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/img/icons/favicon.svg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:10 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 10 May 2024 08:23:48 GMT
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0gj7CE%2FgaUFYinvWIgkIv37p4Yv03OSdjb3DF3FC%2BPdLvP0aah1tgYy6EXaYVgubh6p3jd7glzseE%2BtROpJemYlJSyWEGRw6rpUZZm45xmjv%2Fk7vTYvOTfijOhJp5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c0073a06712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| feeram3x.cc/css/app.e0fccd45.css | 172.67.187.148 | 200 OK | 16 kB |
URL: GET HTTP/3 feeram3x.cc/css/app.e0fccd45.css IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
File type: ASCII text, with very long lines (15613), with no line terminators; Hash: 72903d8b1b7154919b0b5b5fb28dfcf6 503e21d9e0eae88f7932705334608e6e3358f123 1155b36789104041196f507452d831fe3244e4956a6bed747afc6fb189db6fd7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/app.e0fccd45.css HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/img/icons/favicon.svg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 10 May 2024 08:23:34 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgsuzkL9OM4aHkmLDFiVxT%2Fzz8EOYfQJvtCpSaWU20wz0lDO%2BO229sDpc%2BF6fKtfWCYxqCFwy4cTVfaWHYAOoaADv5faOwL634i1VRvj0gCLfRoAKdWNmCW1zXX0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c0073a0c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| feeram3x.cc/getlog | 172.67.187.148 | 200 OK | 12 kB |
IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
Hash: a843fbf692164d5ca424f9e9dc69ac02 3547563d8ed91478015437b38c66cae45bedc979 09af2dccfb302b9a3b0c708941b66c016e9d0377a6ac03221ba0e86e54d4d5fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /getlog HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/enter/register
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:11 GMT
content-type: application/json; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6ZbWZndgZKO7zC8qYus4YRN3hWYfpkXtAqz3fgZ0x0ycQu9wvT0LjZk62aKyeEMkWqJS4TgQIUl0LsAXVPBBL9NY%2BD02vDj4wv3w9cyrgRa%2BIKaKApeWDe1wxLang%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8819c0127f77712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| femkk4ax.cc/socket.io/?EIO=3&transport=websocket | 172.67.150.235 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 femkk4ax.cc/socket.io/?EIO=3&transport=websocket IP: 172.67.150.235:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Let's Encrypt; Subject: femkk4ax.cc; Fingerprint: 0D:C8:D7:C1:8D:69:DF:27:53:F9:55:1A:52:5A:F1:BF:FD:08:B9:08; Validity: Fri, 10 May 2024 06:55:57 GMT - Thu, 08 Aug 2024 06:55:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of empty input: no response body was hashed for this transaction)
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: femkk4ax.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://feeram3x.cc
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3a66qJW6zjOoKnh3Eh/ACg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 10 May 2024 11:57:11 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: VRiusHtHRvVcvPweTGPK6EQLufI=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CSQHcpjF%2BXLsN8VpyqCsTCYpUrV08oUq86og3DMTUEF6vK6AEjefhA%2FMTdQwwi5M5xuUO%2Bk1BSWA8mFhui6I%2FvMst8TcmndeAH%2F7MclNNrNb686m4sf4YyZoD0aJKw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8819c012ee9856bf-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.discordapp.com/attachments/1238156399721185334/1238156427558654013/dfb156e.mp4?ex=663e4288&is=663cf108&hm=2d79d5623c8b2d251d7e2af5f5436245f251be095554581baacb31c013a0a6d0& | 162.159.129.233 | 404 Not Found | 0 B |
URL: GET HTTP/2 cdn.discordapp.com/attachments/1238156399721185334/1238156427558654013/dfb156e.mp4?ex=663e4288&is=663cf108&hm=2d79d5623c8b2d251d7e2af5f5436245f251be095554581baacb31c013a0a6d0& IP: 162.159.129.233:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Cloudflare, Inc.; Subject: discordapp.com; Fingerprint: 97:8B:EE:AD:1E:BF:A1:69:E7:94:29:F7:55:7A:29:64:19:C7:81:39; Validity: Fri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of empty input: no response body was hashed for this transaction)
GET /attachments/1238156399721185334/1238156427558654013/dfb156e.mp4?ex=663e4288&is=663cf108&hm=2d79d5623c8b2d251d7e2af5f5436245f251be095554581baacb31c013a0a6d0& HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 10 May 2024 11:57:11 GMT
content-type: application/xml; charset=UTF-8
content-length: 233
cf-ray: 8819c0131f1d56c7-OSL
cf-cache-status: EXPIRED
accept-ranges: bytes
cache-control: public, max-age=31536000
content-disposition: attachment
expires: Sat, 10 May 2025 11:57:11 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-guploader-uploadid: ABPtcPpj-DdBLWK1tpZko1DhySL4SuqzBykwGh7N6TXhxxOgbK-W4FoIOQnFy_FLLy__gOoDpyQ
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2grS2BgIdS4KfJ6V2ACvAYcNDAi3oP9eEvNTFO3%2FMSmnKWCZG9umXHdJ2YsUE4gh2k0wBxWWMHsvlvL4D6VDyXS3nmiKqGNIoa6no49FaAnMEg1G7HF5Ptjshu%2FaWzC8VB6Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cf_bm=3RATflagS2NZNaNBzyJ1WopfH86n3V3gB38I11UMUmg-1715342231-1.0.1.1-kFfUghtMTzePa5BOzN6jVw9OxjmYcRCK5T15RsuZpWM1W.sXwi.L_.TaGtbKSNEP0WEmOqlSZL026SuGyrGSQA; path=/; expires=Fri, 10-May-24 12:27:11 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
_cfuvid=26MVYcapytW5or25FhcbwMZSiWsC5Btlo0Fru8QZd1Y-1715342231738-0.0.1.1-604800000; path=/; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| feeram3x.cc/img/icons/favicon.svg | 172.67.187.148 | 200 OK | 2.7 kB |
URL: GET HTTP/3 feeram3x.cc/img/icons/favicon.svg IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
File type: HTML document, ASCII text, with very long lines (2872), with no line terminators; Hash: 3b3000ef7638c098fe8b3d913e0edb6a 4262d92113a3048f5fcb07d3ba837696f8aa0272 348d3667d6b737479a24ac131192a2d4da4ee9bf2f2621355c72e26231ba244a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/img/icons/favicon.svg
Cookie: inviteNumber=-1; username=; hasLogin=false; tier=-1; password=; userId=-1; hasGuide=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:11 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 2
last-modified: Fri, 10 May 2024 11:57:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOJHAAWlJI3dWbpgegZkrA3TTigib%2FpGly3EG0PudpkqootdEBKSkHQPepcRHK%2BK9ue47egLwA8nmChkiicDWrOuRzdsHj9E6euU33fSdtEIQjcpRnMiQDI5tn8fsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c015ab39712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| feeram3x.cc/img/icons/favicon.svg | 172.67.187.148 | 200 OK | 2.7 kB |
URL: User Request GET HTTP/2 feeram3x.cc/img/icons/favicon.svg IP: 172.67.187.148:443
Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
File type: HTML document, ASCII text, with very long lines (2872), with no line terminators; Hash: 3b3000ef7638c098fe8b3d913e0edb6a 4262d92113a3048f5fcb07d3ba837696f8aa0272 348d3667d6b737479a24ac131192a2d4da4ee9bf2f2621355c72e26231ba244a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/icons/favicon.svg HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 11:57:09 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 09:14:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5aIyWMkiFLsbXAI3phCJLM1tmLoGuCm9lI6H587fp%2B835XjPO1cAoRepnienlOS0tOlbKSm0xy3oelLU1v3JVRz96eZGrlkjyle6LLBK82nKY3uZftue6S9q82wkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c0035c937130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| feeram3x.cc/css/chunk-vendors.c57533e1.css | 172.67.187.148 | 200 OK | 156 kB |
URL: GET HTTP/3 feeram3x.cc/css/chunk-vendors.c57533e1.css IP: 172.67.187.148:443
Requested by: https://feeram3x.cc/img/icons/favicon.svg; Certificate — Issuer: Google Trust Services LLC; Subject: feeram3x.cc; Fingerprint: 31:D3:AF:D1:8C:C3:58:1E:4C:15:4B:74:F2:D2:FA:06:DB:81:3F:D1; Validity: Tue, 07 May 2024 08:09:11 GMT - Mon, 05 Aug 2024 08:09:10 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Size: 156 kB (156544 bytes); Hash: ebfffebc1f62c3be51082e6595a0a005 e278fbd6fd48150b3f366b50ed388983d934978c f5ce9e73e1f7cea326eedd4f39d9b2d703ba4ccb31a6078cdc1fb16481298a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/chunk-vendors.c57533e1.css HTTP/1.1
Host: feeram3x.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://feeram3x.cc/img/icons/favicon.svg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 11:57:10 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 10 May 2024 08:23:35 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2F2ng0nfEGPBIPmlqmo03bPCKf%2BEdERk1yc2iTeOMsLqhIxf55YU%2FDjXkBDqviVNaLKurBmeYQ9Cz81K5YGPOCBnqj7KQDHhm%2BbH5LxNqVhu5qfrLkdg5SIvrb6xrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8819c0073a08712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|