| GET myr0o3xzhf.pages.dev/assets/img/z3ag5659ar.gif |  172.66.46.220 | 200 OK | 28 kB |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/img/z3ag5659ar.gif IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typeGIF image data, version 89a, 200 x 200 Hashe0157316aa11444323098860a0676a2d fdfaeb2064c66ac8b6e350ba46646d965ee7db85 7f5e002aa2a98fdaa630c31c79bbec6758f54c923eb799a2c5b7dbe3f0645f33
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/z3ag5659ar.gif HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: image/gif
content-length: 27797
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "aee63cdfc5b3913f9277f4450cd1d362"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xX2daXMhtow0dBL3chFIabHyDAtouxmjedlWwFKK%2B%2Fs77x50LsOmpGwepwiPlWrAoYATCcS2o53pXlbTH%2BR%2FOLOFrFr2GIxdt8NymtEGdmwNtpHzDHe4kjWiakNVSLjcHgvmHsLUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085ddeb527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=26&recv=13&lost=0&retrans=0&sent_bytes=16172&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=345&x=1", cfExtPri, cfHdrFlush;dur=1
|
|
| GET myr0o3xzhf.pages.dev/assets/img/kslyucn4lo.png | 172.66.46.220 | 200 OK | 305 B |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/img/kslyucn4lo.png IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced Hash48448577196f55ee85da0c358a9fec86 00ff4aba140ff0141585956a7d3ad78cdc16a702 7bd30ad4ed1836cc34283582c537c93d191d1d006cdd4bde54a24e273762c5ae
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/kslyucn4lo.png HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: image/png
content-length: 305
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "9a2fd65a8a7c55bc9739ffe0c87c3668"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fi3pvq8%2FPRp8oG983kdIcByf6arMTc49vVnsStr%2B%2FYX%2BLzgvYOPR7%2BieSnNL%2Fl%2BJw%2Bv0Dk0a4c3MRtFvPRufCjF4My1%2BrkUb4aZ37zgiP5Mh70is5j34hVOCHseejlavEYS2bxvGrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085de1b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=26&recv=13&lost=0&retrans=0&sent_bytes=16172&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=343&x=1", cfExtPri, cfHdrFlush;dur=7
|
|
| GET myr0o3xzhf.pages.dev/assets/img/gpkvtm999e.png | 172.66.46.220 | 200 OK | 7.8 kB |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/img/gpkvtm999e.png IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hash37a543d0520840977af622389e43817e ba78e69994273e8712a783414cbfe8093f419f93 387913bc791bb7f249ef2723708f7f73a207afe375dea52c50b4ab1bf458cb00
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/gpkvtm999e.png HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: image/png
content-length: 7821
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "090450d559c08bd41ae92f3711794d09"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOv%2F9AmF0CxmJqbgvVcv4R5za7y6d4RkT%2B0M6XxvPSCJj3%2BlXywuMErrb0B5LKb0A2%2BpeDXlAk329e92RVEDwjYUh0aPcXzZCjW1XjiLsnOkGIe49l9zQrpg4CNg1Xy%2FOBh%2BXoOcRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085de4b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=26&recv=13&lost=0&retrans=0&sent_bytes=16172&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=344&x=1", cfExtPri, cfHdrFlush;dur=6
|
|
| GET myr0o3xzhf.pages.dev/assets/img/hqgn3ufmll.png | 172.66.46.220 | 200 OK | 16 kB |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/img/hqgn3ufmll.png IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typePNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced Hash0db69f465c1599e2304f0bac7bb6320e db90a66f49995eb2d0a68ac29ce63ff1c8ef8a5a 4ac3b54a1f4857d42fdff9f24bea56fc6714a6d6fff2284c0321db5725876bb9
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/hqgn3ufmll.png HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:52 GMT
content-type: image/png
content-length: 16295
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "4d90a2dc08cfc4bd2680240e02af3311"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2Bmkly7vY7YNceTihB2DJjJGkdqoIWRFSXyK7jJ7IHkgDG8fRV9m8MKFSktXQe6iISc65CUeGGumLhJJyfvrsbDoS%2B4s9s1NK5KWhJgaDDHKAbUtGYPRe4SgGgZ%2BF1q%2F6cee0LFTEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34097f78b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4329&min_rtt=1689&rtt_var=2806&sent=72&recv=17&lost=0&retrans=0&sent_bytes=65034&recv_bytes=3824&delivery_rate=5160489&cwnd=48000&unsent_bytes=0&cid=2699b8783051483a&ts=509&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| GET myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net | 172.66.46.220 | 200 OK | 865 B |
URL User Request GET HTTP/2myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net IP172.66.46.220:443
CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash852b8089442d29d539de06601463e7e7 b4c92f553f64c2966dbcd8f40e36745b03989f30 e914c87a7cd653a07fa1f9aaf79e6333a3ae48beffa6038f9c4fcc0fb59af07d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKB4kBjjZDWFNpYTvHfFRE06WQpn8DWymErpBsWrxZYRL0HG1etNWR76UHhgnHD%2BWGmiEUt8VZg%2BtcHiAfSr%2FCvGmJHMH3JBhV3MbPX4PnkOTZzoV38Aw%2FUpEfgo97L6T1HbgYASKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f3405ef1f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6500&min_rtt=462&rtt_var=12084&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3303&recv_bytes=1293&delivery_rate=7362711&cwnd=254&unsent_bytes=0&cid=c7dc2945150e4690&ts=70&x=0"
X-Firefox-Spdy: h2
|
|
| GET myr0o3xzhf.pages.dev/assets/css/style.css | 172.66.46.220 | 200 OK | 14 kB |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/css/style.css IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
Hashf68cc2a75b667ef4e624316b3faebe83 4094111d3ba3a9d87b368406a790904e63e315c1 896e842ad2f8d6200056930cec9b1323496ae19e10f5613ee5744308b0b8cc5d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/css/style.css HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"eee64515888456cbb9672e6e189d6d72"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwSWr%2FJmwQI6rdEjbT82Uh6GH2LQXhZKFEt%2Fh%2F3M4PgjxJYO2kok%2BTVaiNjLqP4NVAt9qrjcGM2j%2FKl8q9t8ztiYCXBbr%2F9WkmmE2OgdXJTmbGS5Z2fzurq1FVEcwletdk3v2RrI4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085dd8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=23&recv=13&lost=0&retrans=0&sent_bytes=13161&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=343&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| GET myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net | 172.66.46.220 | 200 OK | 2.5 kB |
URL GET HTTP/3myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typeHTML document, ASCII text, with very long lines (2699), with no line terminators Hash1100cc402371d852c06ceaeb9996389c 5760b92a0df0300d087eb1f946f90b05f0e8ec0d 59eb76d1de816817872882437f79bf6e5ff757a6140713f54245a1fad7d67b5e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sOUxLhrDa3e2njfj8CI%2FNMV1kP5ZKDGAqyTWfP1JADxXV99lOpkXCCloduBii54BwQfS3Az8UfTeVgIggCvrSrm%2FFfGf3EQ1cEkob%2FKFrWugpoo3Bomhm0Xha8tEMyJ8iPSQU2v%2Few%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085de0b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4850&min_rtt=1689&rtt_var=3292&sent=47&recv=14&lost=0&retrans=0&sent_bytes=40172&recv_bytes=3405&delivery_rate=36900&cwnd=24000&unsent_bytes=0&cid=2699b8783051483a&ts=350&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| GET myr0o3xzhf.pages.dev/assets/js/cbv6636upb.js | 172.66.46.220 | 200 OK | 54 kB |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/js/cbv6636upb.js IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/cbv6636upb.js HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"f36d5ae9b9bed46e97125ec52844d27f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uU4ugjF%2BCKc%2FAteh6HcPzLjVxM2yKHlA%2Fu%2BOPw2O9Dq2DA5%2B75i2YrzzCuI1bONTGYgOkx9DTQQbpvYnanIlzAPUrNOvPXtuRb8JpDOVBVxUxnv06SctxGg0%2FhVzmJ2xLEriXDhyVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085debb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5054&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=343&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| GET myr0o3xzhf.pages.dev/favicon.ico | 172.66.46.220 | 404 Not Found | 0 B |
URL GET HTTP/3myr0o3xzhf.pages.dev/favicon.ico IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 14 Dec 2024 15:24:52 GMT
content-length: 0
access-control-allow-origin: *
cache-control: no-store
referrer-policy: strict-origin-when-cross-origin
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHbQrVxQGHVCPZ8TUwaNaH%2FQTnq%2FmkBFJY7n01qAbNTMpxapb43QMXD7nxwc70Ac%2BaegPjU0fhmgvvNbb9xLiAqXZzY3EaifzCS9JnKRChukypyJuyc8tYnF2LZ8kg%2Fvrti0wmDCWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f340d7db5b527-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5894&min_rtt=1689&rtt_var=5233&sent=88&recv=19&lost=0&retrans=0&sent_bytes=82469&recv_bytes=4189&delivery_rate=553755&cwnd=48000&unsent_bytes=0&cid=2699b8783051483a&ts=1184&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| GET myr0o3xzhf.pages.dev/assets/js/aovoqg3s8e.js | 172.66.46.220 | 200 OK | 815 B |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/js/aovoqg3s8e.js IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typeASCII text, with very long lines (885), with no line terminators Hash86831317dc042c84755ff95d5c6bb3b1 ea04dfa194562c8cf7af34a27777999c30d5bac4 c349f34396bfd03b3da050c784e19216a02d7c19867ac878f17f55c9dcdb5368
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/aovoqg3s8e.js HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"4cc4150cd986e3fbb52bbb023be3a9f3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDNgOHgEswaUI1xmE0KwHf3vH6hg%2Bx2HmXVuxq3GCvBM7qNXqzhWvs2C%2FPECiXI%2FhCb9Ah4%2FYiE3pr%2FJJc2J3%2Fdx8Cp72FAde1MJlRhjvYA9vPUWDNEkDQgKpuUqRO8jj1KAzJ7%2F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085de8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=26&recv=13&lost=0&retrans=0&sent_bytes=16172&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=345&x=1", cfExtPri, cfHdrFlush;dur=5
|
|
| GET myr0o3xzhf.pages.dev/assets/js/lr6g6jn5tj.js | 172.66.46.220 | 200 OK | 208 B |
URL GET HTTP/3myr0o3xzhf.pages.dev/assets/js/lr6g6jn5tj.js IP172.66.46.220:443
Requested byhttps://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net CertificateIssuerGoogle Trust Services Subjectmyr0o3xzhf.pages.dev Fingerprint90:2D:FC:D9:C5:49:BE:C6:AC:32:8C:2C:80:95:FA:A9:08:76:21:6C ValidityWed, 11 Dec 2024 10:32:26 GMT - Tue, 11 Mar 2025 11:26:04 GMT
File typeASCII text, with no line terminators Hash9b4cef13158dc92fea5f9ad9f98fbb55 0342b635da423c1f8c93d1c77ebb3c5fcb5f4ed8 ab033352e5214ace5db92e0f2a599af0064cfefbdcea17b14c961f59d569711f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/js/lr6g6jn5tj.js HTTP/1.1
Host: myr0o3xzhf.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://myr0o3xzhf.pages.dev/qjgdikgs?gvqi07evft=vincenzo.schiavone@slurpmail.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 14 Dec 2024 15:24:51 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"d1bda64c48e335affd5165a904539df8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMEEnhYVDmG46S47CoH6KKSBLPKS3i%2F2eKrC0kSrpfv5SsmkCj8Ep7DkOnBWOTSOXab0pcFZycrD3SU0pQI%2F8CpuedtumY21OZiV4HgrPD59maA%2F8tWjCfeeBXrKJZUmsiuZvP4k7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f1f34085de9b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5293&min_rtt=1689&rtt_var=3207&sent=15&recv=13&lost=0&retrans=0&sent_bytes=4172&recv_bytes=3361&delivery_rate=351497&cwnd=12000&unsent_bytes=0&cid=2699b8783051483a&ts=342&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
172.66.45.36