Report - oerdg.yncproof.top/

Report Overview

Visited public
2023-12-07 23:35:26
Tags
URL
oerdg.yncproof.top/
Finishing URL
oerdg.yncproof.top/
IP / ASN
104.21.5.123
#13335 CLOUDFLARENET
Title
CNAME Cross-User Banned | Cloudflare

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
vdms-ssl.cedexis-test.com	11236	2014-07-09	2018-01-31 01:38:28	2023-12-05 14:30:13	432 B	103 kB	152.195.34.116
performance.radar.cloudflare.com	unknown	2009-02-17	2022-06-29 12:44:51	2023-12-07 12:31:47	1.6 kB	10 kB	104.18.30.78
oerdg.yncproof.top	unknown	unknown	No data	No data	1.3 kB	14 kB	172.67.133.113
benchmark.1e100cdn.net	10208	2016-01-26	2016-02-04 21:53:58	2023-12-06 17:54:00	419 B	103 kB	35.190.26.57
p29.cedexis-test.com	11105	2014-07-09	2020-07-30 13:41:39	2023-12-06 20:32:33	421 B	103 kB	143.204.55.123
fastly.cedexis-test.com	11512	2014-07-09	2015-03-12 03:39:16	2023-12-05 18:42:22	430 B	103 kB	151.101.130.6
ptcfc.com	9736	2017-05-26	2017-02-07 00:13:51	2023-12-04 16:23:36	414 B	103 kB	104.16.53.99
stackpath-map3.cedexis-test.com	18581	2014-07-09	2017-08-14 23:10:21	2023-12-04 22:42:25	432 B	103 kB	151.139.128.10
cedexis-test.akamaized.net	20968	2014-03-18	2020-08-26 09:30:59	2023-12-03 22:18:12	427 B	103 kB	23.73.4.214
p17003.cedexis-test.com	unknown	2014-07-09	2022-06-07 16:58:09	2023-12-05 08:05:37	430 B	103 kB	178.79.213.113
ipv6-check-perf.radar.cloudflare.com	unknown	2009-02-17	2022-05-30 10:17:29	2023-12-02 08:30:48	441 B	0 B	0.0.0.0
ipv4-check-perf.radar.cloudflare.com	unknown	2009-02-17	2022-05-19 17:17:14	2023-12-01 22:58:54	441 B	965 B	104.18.31.78

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-07 23:35:15	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-12-07 23:35:15	medium	Client IP	172.67.133.113	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	oerdg.yncproof.top/	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL oerdg.yncproof.top/ IP 172.67.133.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 07:45 Times Seen4634672 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	performance.radar.cloudflare.com/beacon.js	ScriptElement	7.9 kB	2024-08-20	2024-08-20
Pretty URL performance.radar.cloudflare.com/beacon.js IP 104.18.30.78 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:24 Last Seen2024-08-20 16:24 Times Seen1 Hash afca70bec45a43d8fe42a70d0096f055 9a3c87c2436fbf70a37e2cb09985f224bad02103 3cafe8767877cfbe81be068e129868f2d0338bf62ad954cbd1e9dcbf31a0dfd5 Loading...

	oerdg.yncproof.top/	ScriptElement	393 B	2023-04-05	2025-03-02
Pretty URL oerdg.yncproof.top/ IP 172.67.133.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 04:39 Last Seen2025-03-02 06:13 Times Seen143291 Hash 34ad0a116707d3b794129a6720af92d7 424de9dbb8bc774e2a2d4ade100d90f5ac0ecbf4 d011a9449a990f2086894be870adc6fbb53595dc593b410a83e45e40bfbc7262 Loading...

	oerdg.yncproof.top/	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL oerdg.yncproof.top/ IP 172.67.133.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 07:45 Times Seen4634672 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (16)

URL IP Response Size

oerdg.yncproof.top/

172.67.133.113

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
oerdg.yncproof.top/
IP
172.67.133.113:80
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: oerdg.yncproof.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Thu, 07 Dec 2023 23:35:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 08 Dec 2023 00:35:09 GMT
Location: https://oerdg.yncproof.top/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ryiigegipjf4k8Iq4DCQMSpAnIskUqtjWUYQM9Slib868YaHptarTFUSCg13vea9bFdTheI1yAm6%2B8koqA7UuURFZeXcWv534%2Bm2WtedMc3tI5mDNY1be5nOFrr8bntMJ4M8%2B9o%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8320955bcbc85696-OSL
alt-svc: h2=":443"; ma=60

benchmark.1e100cdn.net/r20-100KB.png?r=83226331

35.190.26.57

200 OK

102 kB

URL GET HTTP/2
benchmark.1e100cdn.net/r20-100KB.png?r=83226331
IP
35.190.26.57:443
ASN
#15169 GOOGLE

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerGoogle Trust Services LLC
Subject1e100cdn.net
FingerprintE2:BB:A9:0E:D9:51:39:60:4C:53:81:2D:2E:2E:E7:21:EA:F3:87:90
ValidityFri, 17 Nov 2023 22:54:20 GMT - Thu, 15 Feb 2024 23:48:55 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /r20-100KB.png?r=83226331 HTTP/1.1
Host: benchmark.1e100cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 102400
timing-allow-origin: *
via: 1.1 google
date: Wed, 15 Nov 2023 20:54:41 GMT
cache-control: public,max-age=31536000
age: 1910429
etag: "5939ad35-19000"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

p29.cedexis-test.com/img/r20-100KB.png?r=89495429

143.204.55.123

200 OK

102 kB

URL GET HTTP/1.1
p29.cedexis-test.com/img/r20-100KB.png?r=89495429
IP
143.204.55.123:443
ASN
#16509 AMAZON-02

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerDigiCert Inc
Subjectp29.cedexis-test.com
Fingerprint4E:9E:CF:B4:5D:B0:F1:EB:6A:E3:9C:A9:44:F5:17:97:93:60:54:D1
ValidityMon, 30 Jan 2023 00:00:00 GMT - Mon, 29 Jan 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/r20-100KB.png?r=89495429 HTTP/1.1
Host: p29.cedexis-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 102400
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:47:01 GMT
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Accept-Ranges: bytes
Date: Fri, 10 Nov 2023 22:51:32 GMT
Cache-Control: max-age=2629743, public
ETag: "63185a85-19000"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: nh4fjegDh35NHCTs1N50GBshhGYKsXmyg8TR-Nmz1YcfqeRq69UjMA==
Age: 2335418

cedexis-test.akamaized.net/img/r20-100KB.png?r=73601361

23.73.4.214

200 OK

102 kB

URL GET HTTP/1.1
cedexis-test.akamaized.net/img/r20-100KB.png?r=73601361
IP
23.73.4.214:443
ASN
#20940 Akamai International B.V.

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/r20-100KB.png?r=73601361 HTTP/1.1
Host: cedexis-test.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 102400
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:47:01 GMT
ETag: "63185a85-19000"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=2629743
Expires: Sun, 07 Jan 2024 10:04:13 GMT
Date: Thu, 07 Dec 2023 23:35:10 GMT
Connection: keep-alive
X-Cache: RequestInfo=3378497917,23.73.4.214,1216293a,1701992110,42541,10,dc906dc

fastly.cedexis-test.com/img/20367/r20-100KB.png?r=25776857

151.101.130.6

200 OK

102 kB

URL GET HTTP/1.1
fastly.cedexis-test.com/img/20367/r20-100KB.png?r=25776857
IP
151.101.130.6:443
ASN
#54113 FASTLY

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerGlobalSign nv-sa
Subjectfastly.cedexis-test.com
Fingerprint38:27:4B:52:56:EF:9E:97:73:3D:31:6D:22:03:EA:D5:7A:34:DF:13
ValiditySat, 01 Jul 2023 19:49:01 GMT - Thu, 01 Aug 2024 19:49:00 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/20367/r20-100KB.png?r=25776857 HTTP/1.1
Host: fastly.cedexis-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 102400
Content-Type: image/png
Server: nginx
Last-Modified: Wed, 07 Sep 2022 08:46:26 GMT
ETag: "63185a62-19000"
Access-Control-Allow-Origin: *
Cache-Control: max-age=2629743, public
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 07 Dec 2023 23:35:10 GMT
Age: 1946308
X-Served-By: cache-dfw-kdfw8210038-DFW, cache-bma1670-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 11, 139081
X-Timer: S1701992111.903226,VS0,VE0
X-Cedexis-UNI: BMA|{"pop":"BMA","sip":"151.101.130.6","rtt":9308,"min_rtt":7513,"ip_ver":"v4","info_state":"HIT","tls":"TLSv1.3","server_name":"cache-bma1670"}

ptcfc.com/img/284/r20-100KB.png?r=98294828

104.16.53.99

200 OK

102 kB

URL GET HTTP/2
ptcfc.com/img/284/r20-100KB.png?r=98294828
IP
104.16.53.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint21:3C:D8:03:98:57:16:0E:80:01:71:05:2A:17:A0:0B:C4:BB:64:E1
ValidityMon, 15 May 2023 00:00:00 GMT - Tue, 14 May 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/284/r20-100KB.png?r=98294828 HTTP/1.1
Host: ptcfc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 23:35:11 GMT
content-type: image/png
content-length: 102400
timing-allow-origin: *
access-control-expose-headers: *
etag: "5668b8ac-19000"
cache-control: public, max-age=31536000
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 832095668f9756c7-OSL
X-Firefox-Spdy: h2

stackpath-map3.cedexis-test.com/img/r20-100KB.png?r=39624699

151.139.128.10

200 OK

102 kB

URL GET HTTP/1.1
stackpath-map3.cedexis-test.com/img/r20-100KB.png?r=39624699
IP
151.139.128.10:443
ASN
#20446 STACKPATH-CDN

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerDigiCert Inc
Subjectp45890.cedexis-test.com
FingerprintD4:F3:60:C3:0E:AD:E1:0F:DB:5A:3F:19:E6:DF:5C:B7:20:1B:B6:77
ValidityThu, 25 May 2023 00:00:00 GMT - Fri, 24 May 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/r20-100KB.png?r=39624699 HTTP/1.1
Host: stackpath-map3.cedexis-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 23:35:11 GMT
ETag: "1662540421"
Cache-Control: public, max-age=86400
Content-Type: image/png
Last-Modified: Wed, 07 Sep 2022 08:47:01 GMT
Accept-Ranges: bytes
X-HW: 1701992111.cds231.sk1.hn,1701992111.cds223.sk1.c
timing-allow-origin: *
Connection: keep-alive
Content-Length: 102400

p17003.cedexis-test.com/img/17003/r20-100KB.png?r=10279988

178.79.213.113

200 OK

102 kB

URL GET HTTP/2
p17003.cedexis-test.com/img/17003/r20-100KB.png?r=10279988
IP
178.79.213.113:443
ASN
#22822 LLNW

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerDigiCert Inc
Subjectp17003.cedexis-test.com
Fingerprint71:89:83:55:3F:53:56:D6:55:59:A4:14:DA:98:CE:E9:6B:35:47:4A
ValidityTue, 13 Jun 2023 00:00:00 GMT - Wed, 12 Jun 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/17003/r20-100KB.png?r=10279988 HTTP/1.1
Host: p17003.cedexis-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: EdgePrism/5.1.5.0
mime-version: 1.0
content-type: image/png
x-llid: f2e909aab8ce2f88df1b97592b51f6e1
date: Thu, 07 Dec 2023 23:35:11 GMT
content-length: 102400
x-llnw-info: na
timing-allow-origin: *
access-control-allow-origin: *
cache-control: max-age=2629743, public
x-accel-buffering: no
access-control-allow-methods: GET,HEAD,OPTIONS
x-llnw-dscp: 34
X-Firefox-Spdy: h2

vdms-ssl.cedexis-test.com/img/16999/r20-100KB.png?r=38090706

152.195.34.116

200 OK

102 kB

URL GET HTTP/2
vdms-ssl.cedexis-test.com/img/16999/r20-100KB.png?r=38090706
IP
152.195.34.116:443
ASN
#15133 EDGECAST

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerDigiCert Inc
Subjectp16999.cedexis-test.com
Fingerprint7B:61:AA:9D:2E:74:C3:E5:BC:96:4E:8A:6E:EF:B9:B1:C9:27:44:37
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
PNG image data, 310 x 205, 8-bit/color RGBA, non-interlaced\012- data
Size
102 kB (102400 bytes)
Hash
f134fda98a277b1c8f20ab8fbe2fbd58
a922796190a1f5bbb3c410c6ec591502050df04e
27bce9e85eaf3567a4695ba2b612e32615394d80d0a3a2dcb07b1fbfdfababc7

HTTP Headers

GET /img/16999/r20-100KB.png?r=38090706 HTTP/1.1
Host: vdms-ssl.cedexis-test.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Server
age: 2606657
cache-control: max-age=2629743, public
content-type: image/png
date: Thu, 07 Dec 2023 23:35:11 GMT
etag: "63185a62-19000"
last-modified: Wed, 07 Sep 2022 08:46:26 GMT
server: ECAcc (ska/F750)
timing-allow-origin: *
x-cache: HIT
content-length: 102400
X-Firefox-Spdy: h2

oerdg.yncproof.top/cdn-cgi/styles/main.css

172.67.133.113

200 OK

5.9 kB

URL GET HTTP/3
oerdg.yncproof.top/cdn-cgi/styles/main.css
IP
172.67.133.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectyncproof.top
Fingerprint25:92:8C:A8:06:A2:B4:92:71:AA:50:EC:12:B2:87:81:E1:2D:7F:CC
ValidityWed, 22 Nov 2023 08:15:30 GMT - Tue, 20 Feb 2024 08:15:29 GMT

File type
gzip compressed data, from Unix\012- data
Size
5.9 kB (5948 bytes)
Hash
f2f1608ffb5067359f01299319b5c7a9
67a90635ad4b59931485c68cb3d7a0ce452cb224
2b588985d42167865fa46a95f5fa84fd6fc13c0862b4c82816fef4911a1607d3

HTTP Headers

GET /cdn-cgi/styles/main.css HTTP/1.1
Host: oerdg.yncproof.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oerdg.yncproof.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 23:35:09 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
etag: W/"6569f5f8-1f4d"
server: cloudflare
cf-ray: 8320955e7d90568a-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 08 Dec 2023 01:35:09 GMT
cache-control: max-age=7200, public
content-encoding: gzip

performance.radar.cloudflare.com/api/beacon

104.18.30.78

200 OK

15 B

URL POST HTTP/3
performance.radar.cloudflare.com/api/beacon
IP
104.18.30.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintEA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
e60e0a9845110894b19d227227207fd5
9c4dff4af95346f1fcf0abbf53c78274f86a4b89
5c89330e2abcf8d6ce4e0aa3ed13147c90e8998810e9b9d827d928982cf6210b

HTTP Headers

OPTIONS /api/beacon HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-submit-token
Origin: https://oerdg.yncproof.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 23:35:14 GMT
content-type: application/json;charset=UTF-8
content-length: 15
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
timing-allow-origin: *
set-cookie: __cf_bm=Bpnc8NYlD8XO0OT7Vzv7_zAMlc.Gn44eTp1QOzQsHuk-1701992114-0-AQIDwfmx4uEG673G828ZtYGegFFGMNn5LRn+Uz8VYNCjahjTsiGUgPx0Pk3AYFuSMJgTVCQ9ucVobtfYpM6FhdM=; path=/; expires=Fri, 08-Dec-23 00:05:14 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 83209579cc84b50f-OSL
alt-svc: h3=":443"; ma=86400

performance.radar.cloudflare.com/api/beacon

104.18.30.78

200 OK

15 B

URL POST HTTP/3
performance.radar.cloudflare.com/api/beacon
IP
104.18.30.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintEA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

HTTP Headers

POST /api/beacon HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
X-Submit-Token: 1701992109-3dc3779cb7a35200f81a51d5862369e0c50152286d8db6f58f4435263a7a6c33
Access-Control-Allow-Origin: *
Content-Length: 4709
Origin: https://oerdg.yncproof.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 23:35:14 GMT
content-type: application/json;charset=UTF-8
content-length: 15
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
timing-allow-origin: *
set-cookie: __cf_bm=bwLwMLw0fFFRn_48btR_Kc8CoI7NMQlufKNsv6s3zrU-1701992114-0-AUgsS90kTLRlUqVRq/BNyHl8+FCjIIiJeyn7a2RbD1hMYE4wRMOKv3uQTYnkB2j95B8mdmRCYmuQIWEynZTbDPs=; path=/; expires=Fri, 08-Dec-23 00:05:14 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 83209579fc9db50f-OSL
alt-svc: h3=":443"; ma=86400

performance.radar.cloudflare.com/beacon.js

104.18.30.78

200 OK

7.9 kB

URL GET HTTP/2
performance.radar.cloudflare.com/beacon.js
IP
104.18.30.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
FingerprintEA:39:08:32:55:56:78:80:C7:B3:4A:AA:60:90:9C:BB:AE:11:E7:97
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (8290), with no line terminators
Size
7.9 kB (7902 bytes)
Hash
1b6e383051801edfdb199da108eb45a9
2826f55535378620e9b62ac4fc32c50913260bae
2f553988a97ae4ac030658d779174adc62f629b053cca139acb8a1ea8ea066e8

HTTP Headers

GET /beacon.js HTTP/1.1
Host: performance.radar.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 23:35:09 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, max-age=0
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: no-referrer
timing-allow-origin: *
set-cookie: __cf_bm=h0rP6XSm6zk.55hBQCxR9h2p_TW5l5UM97M2lJE4RqQ-1701992109-0-AWn5I4sfca1MjCtSwAinB6XvRDMMJehP6IIEd4L3cWlMczwzkligWUsAZaY+JW4dIueS/4SCNDoG3bVEUp2i0lU=; path=/; expires=Fri, 08-Dec-23 00:05:09 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8320955eaf72b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ipv6-check-perf.radar.cloudflare.com/api/info?r=77379619

0.0.0.0

0 B

URL GET
ipv6-check-perf.radar.cloudflare.com/api/info?r=77379619
IP
0.0.0.0:0
ASN
#0

Requested by
https://oerdg.yncproof.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/info?r=77379619 HTTP/1.1
Host: ipv6-check-perf.radar.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oerdg.yncproof.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

oerdg.yncproof.top/favicon.ico

172.67.133.113

403 Forbidden

6.3 kB

URL GET HTTP/3
oerdg.yncproof.top/favicon.ico
IP
172.67.133.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectyncproof.top
Fingerprint25:92:8C:A8:06:A2:B4:92:71:AA:50:EC:12:B2:87:81:E1:2D:7F:CC
ValidityWed, 22 Nov 2023 08:15:30 GMT - Tue, 20 Feb 2024 08:15:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6585), with no line terminators
Size
6.3 kB (6282 bytes)
Hash
69022c5033740bef900c07b7b053bb42
9453fff5802af0fa769fe6c42b5419d7096e1e14
a94ebb92eba0d32ca6abc8b44ac0d030ab9d0d889c44339ebad0e1a6c7dd7979

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: oerdg.yncproof.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://oerdg.yncproof.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Thu, 07 Dec 2023 23:35:10 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlcIlKlXws1lgdniddGJ43jDKIcc5enGvd8ZxQT70qpGjJegyNpWgAid3YA9P3Ps0zhWCAKEMsypBtweuE1%2FBxmXkWcdxkFqdohwZq2q5HgIGq0YtwAd3z1aOeFvawJzu8V48ys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 83209560befa568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ipv4-check-perf.radar.cloudflare.com/api/info?r=17487364

104.18.31.78

200 OK

176 B

URL GET HTTP/2
ipv4-check-perf.radar.cloudflare.com/api/info?r=17487364
IP
104.18.31.78:443
ASN
#13335 CLOUDFLARENET

Requested by
https://oerdg.yncproof.top/
Certificate
IssuerCloudflare, Inc.
Subjectradar.cloudflare.com
Fingerprint3D:B0:56:B4:4C:EA:83:F0:6D:E6:BA:3A:68:1E:CC:6A:13:18:15:42
ValidityWed, 21 Jun 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
1c0bb514fdd26d9159870f76fae208cb
306742741aca380f5ab4f69910e71ed220ab09ef
24eacc105941f5be1b2a50b747d3df02d5913979bccba4bc063aa0edb4b5d385

HTTP Headers

GET /api/info?r=17487364 HTTP/1.1
Host: ipv4-check-perf.radar.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://oerdg.yncproof.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 23:35:12 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: *
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
set-cookie: __cf_bm=fzsK3Vi6FspWTNVzzUYr_VFJ7vD2rLfu6UhvGQdp2wo-1701992112-0-AUSMwrjzwnjVV4eDjeOYPVpKMzV3QWm57elNZCQT7A5p+E214ED3sPdmCRjdRUV9YAzWWuwgXKrvbI8RfDQXC5I=; path=/; expires=Fri, 08-Dec-23 00:05:12 GMT; domain=.radar.cloudflare.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8320956c2cacb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN