Report - treesearchfeed.com/

Report Overview

Submitted URL
treesearchfeed.com/
IP
172.67.133.202
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 11:34:41
Access
public
Website Title
Top news of the week
Final URL
treesearchfeed.com/?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ea4c858a-d373-41ac-b5d8-1681a8a3fad9
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
treesearchfeed.com	unknown	unknown	No data	No data	30 kB	1.2 MB	104.21.25.84
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	464 B	1.9 kB	142.250.74.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	2.1 kB	67 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed
2024-05-10	medium	treesearchfeed.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	treesearchfeed.com/	211 B	2024-04-18	2024-05-20
Pretty URL treesearchfeed.com/ IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 12:01:00 Last Seen2024-05-20 11:22:59 Times Seen20 Hash 41199997a46fc76ae3e761f61e460639 16f28bffa81696b5a3126af7d41be21ff9b51f3e bb65967ee7967a7a40fb2610c6f0f10dc5ec84edce493a265bd0c075c2a60383 Loading...

	treesearchfeed.com/_nuxt/CB5zW3WL.js	254 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/CB5zW3WL.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:47 Last Seen2024-05-10 13:34:47 Times Seen1 Hash 894ca901b09903ff6294b24e221b130b 047b7657398a4fc4c640f9c573f8838d5cf7ca52 c8336ef63b9a582aca170b45e97671288a208be3ec9925ded0572e018a28fa74 Loading...

	treesearchfeed.com/_nuxt/DjNHVq1e.js	351 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/DjNHVq1e.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:42:19 Last Seen2024-05-10 13:34:47 Times Seen2 Hash 77f410846e8ef323a17c346b68329474 5f999f8aa3a15285b635bb4781b69b74a8f16a2f 0713ca9b5a3426b83bbb9b211f44d8acfeebeb0130337390344828c12c20034f Loading...

	treesearchfeed.com/_nuxt/4cgf5GmW.js	5.0 kB	2024-05-07	2024-05-15
Pretty URL treesearchfeed.com/_nuxt/4cgf5GmW.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 17:41:19 Last Seen2024-05-15 17:27:03 Times Seen8 Hash 0d06ad27dc485c59fb9913b68bdbf8e7 4bab7bcdf5eef3f8a19f9ff21aae9bb5baaa2975 f3a22354412562130098a549819c3feb62154ad3cbc2f58fb19150fc044aefbd Loading...

	treesearchfeed.com/_nuxt/6sjIUscq.js	4.6 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/6sjIUscq.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 1792a3a87994ead5f490bb509776a9ba 46331778d83005790b78ef107b29b87d6a0f9788 6086b10d96c25445bf791bc4e325ad73a499832b4a05dca1aecac8d5b19b961e Loading...

	treesearchfeed.com/_nuxt/BHynzUYg.js	6.1 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/BHynzUYg.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash fe4653cfe31a6c786c9cb6a480765748 de71f93ae79f10736b5cf9f9294e0502aa758014 2f3e518cb5e6196d80c56ee43b5478550571d23272736959702160c1811059ad Loading...

	treesearchfeed.com/_nuxt/CihRy5Wy.js	99 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/CihRy5Wy.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 99771aacbb7ba325f7a1f663891d0aa7 828cac69435d012179acef48f5008b0f734da6e9 7df0c311662d029501ee567f85d915fdb3f9e05029a2abf674a155aec7b237d1 Loading...

	treesearchfeed.com/_nuxt/B1f91WGT.js	7.4 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/B1f91WGT.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 07:42:19 Last Seen2024-05-10 13:34:48 Times Seen2 Hash 1f989df6e6a49c8897259c83020d0384 b7bc5e747817e2679a96ab87a926e278639248c1 207a54fe1bba34c3e28a22014433a4c0ae586e2054defd6f38f1064c9ed6b6ef Loading...

	treesearchfeed.com/_nuxt/eHFqZBlx.js	91 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/eHFqZBlx.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 07:42:19 Last Seen2024-05-10 13:34:48 Times Seen3 Hash f9f96993e30b1288a2481f25ecc24ae2 b110d32486051d12d55a55c73256b17e60906c27 fc291b6fc009fb5640b04eacb5c4f8bccaf67be668755b2922d82e6c1c6eb523 Loading...

	treesearchfeed.com/_nuxt/rKbWMgxR.js	653 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/rKbWMgxR.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 07:42:19 Last Seen2024-05-10 13:34:48 Times Seen2 Hash ef68d6176e4860c14bd25da81f826a0c 23a81d1dfaf5283fc9079963786297f0b12b4d4c 8e6fc291ebd7a5487d7c9a4d01bda38d4548e756566fa665d9f483a91d647b88 Loading...

	treesearchfeed.com/_nuxt/CW7FlOGr.js	425 B	2024-05-07	2024-05-16
Pretty URL treesearchfeed.com/_nuxt/CW7FlOGr.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 17:41:19 Last Seen2024-05-16 13:31:07 Times Seen5 Hash e4f4842600a353c2067682944d74c71a 68b321a1f7651f96284f8b4dd32ff709695bfb32 cc888179c753a9f6f608bc11e1dc062c4111f7086e66d95f0b9b35f6948e4e5f Loading...

	treesearchfeed.com/_nuxt/88JmnM-t.js	101 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/88JmnM-t.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash afc39e498ec8607cbe60e2dcc0bf1888 2027ae56331de423097f2d63fafbc3713755f819 bf4ce369689af9732f36e7b3706a3444847d353dbbfd870740c99ca4ba848fe1 Loading...

	treesearchfeed.com/_nuxt/D1NUN1is.js	102 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/D1NUN1is.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 140039fc2fed734c87e4885fc8a73509 5e8d1def792d738f555294a09a4986b51ebdaa26 24bdd6d4b2384147b26072df29f614c0a1fe73a42f5b9b0e943972a4f8f7032b Loading...

	treesearchfeed.com/_nuxt/DuUW51AV.js	209 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/DuUW51AV.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen2 Hash 63270d66915ec30a142e4d1e98b2c99a 99d1ea3c1dad0843b870e74981fa60a1432ff215 db01729441a348aa309c9c39bad8bf4ae189b044cc3ccd53381b03c4d2f107e8 Loading...

	treesearchfeed.com/_nuxt/COdOu9HO.js	8.5 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/COdOu9HO.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 77a09ed32c75c136a22b373008317493 977c9c746d64fd02a13e2337f1a330854d2c848e 3a7d900e0a3c80a023fe4c32fc8470f24d8af622c554df4a30dd1572686bb569 Loading...

	treesearchfeed.com/_nuxt/BfKoDqhE.js	6.3 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/BfKoDqhE.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 611dd47b9d791533d51087bb3c44b667 3512cbd4166d8d0a12465236d6d73e9e6dfcc441 b1ac622e710148a3e26f173f2f5abde41927de10a0d60d499e4b651e070798bd Loading...

	treesearchfeed.com/_nuxt/CvTJRj1e.js	103 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/CvTJRj1e.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 3adce2caf090a9364027241d1663b1fb adc0b58281857215f6d939c2ef2aec1381c3ce72 552e07ac593349c7997278dba248c7cfe7b214a5cb35b15a89c71503fbe89e69 Loading...

	treesearchfeed.com/_nuxt/DCz16NIu.js	2.9 kB	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/DCz16NIu.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash d2c972fb6c9ce3c06d02f225e2836181 4943e1dc818495a319781551c64f7bcbd5bc7242 dd9ac7141f074b324f9294b800f7fb0594157210e0bf6c73d926688f5782b1d9 Loading...

	treesearchfeed.com/_nuxt/BuIBZbKJ.js	263 B	2024-05-10	2024-05-10
Pretty URL treesearchfeed.com/_nuxt/BuIBZbKJ.js IP 104.21.25.84 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 13:34:48 Last Seen2024-05-10 13:34:48 Times Seen1 Hash 3de45a7ae06d5ff0f111327033229c03 e2d90d021bf0019f91b651f92131e140ab6f70aa 61c558005c939b7956063f1ae30687b6829297e088708ecd3a772916628623a3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1c94455068e27e9b58ef9eb661441c10	16 B	2024-04-18	2024-05-20
Pretty Observations First Seen2024-04-18 12:01:01 Last Seen2024-05-20 04:01:35 Times Seen5 Hash 1c94455068e27e9b58ef9eb661441c10 89a6ab95c4ea0bc22cc16e2874ccd1234824e3ef 1397687259c8c2d24d7a705bacf20d2271eacbb70b26f4ba3d572b2607adf2eb Loading...

HTTP Transactions (53)

URL IP Response Size

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg

104.21.25.84

200 OK

50 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
50 kB (50282 bytes)
Hash
e75c3493c1cebcb7e13900b81b85a8a0
fd8f37f7d19cade85448a8f48ca69d5f3375d592
3bd3f444925bb2eca9714d3dbb6347df03910af3c0ec2dfd489eb0a8b9e76c9d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 50282
last-modified: Wed, 09 Nov 2022 10:32:04 GMT
etag: "636b81a4-c46a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhOifLycaEOJFQV71Nfe5AZ7H3Ymd%2BEkuYFlnAAwv1qL8RE%2BF%2BsEaKkgChZjp9MxIXrBSTVFfkb5dnrMq4ExDi3IJRmEsYijoXEub0Blm8FrrlBY9NkvE%2BYS7WTKKiS0MgwtlsM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdb20afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp

104.21.25.84

200 OK

6.1 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.1 kB (6064 bytes)
Hash
d8e163aff7b938bc19d67ce4f8a7e948
b433e43df282df096ef1706895296f4d52542001
56f696d0a1aa8f113ecf3b8727f0282b2c035651f56fff90c3d33e848ea9a5c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/webp
content-length: 6064
last-modified: Thu, 16 Nov 2023 16:09:06 GMT
etag: "65563ea2-17b0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ChaKMmjDHqPKrhbuvBK2GHgopMxX0VCZCAZ7iW6RFk7hqncTMQdFNNr0t5rpggAJOBlG%2F64eI3VxU3cSBgroWdw8cfbyyh8Ia4OtNqoTEPj4y09FiBOG9Mur2mwX1A8IbaEvAQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74eda60afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg

104.21.25.84

200 OK

41 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
41 kB (41383 bytes)
Hash
fdc453185fc49a46076a58975d775d34
de1cb1926958c2fb71f90e9ade279813832ee818
943a4746f0a7cc92dd62e4e5e0b6c137bf55744af18f438d3f706249021bc97a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 41383
last-modified: Wed, 09 Nov 2022 10:29:03 GMT
etag: "636b80ef-a1a7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBvvMroLhG%2FHc0k6mBIP0%2BORwuPQWeyT4eW5DbkZFrHVNB114mUSuG8rV%2BYwArNJmprheUD%2F3%2BsqduJKFLjo2RWo7%2BzmMB5VTTg47nE5pCG443wf7KEeRTv60AW7MVcnqQFtA5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdb30afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp

104.21.25.84

200 OK

30 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
30 kB (30410 bytes)
Hash
d4c7fdb2c0791086e522ae6e07d36e9e
54c5f49c465b10125b0f67d850a1c65ada62e0b2
bff6cb3aee9059bbe83a337fab3cbca5256a112d2cb43ca27028cf5065849975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/webp
content-length: 30410
last-modified: Wed, 13 Mar 2024 10:54:40 GMT
etag: "65f185f0-76ca"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2BysW9GsI%2BLd3Yo8LNivUSxxCfnxBBnkxiPP0gwZHrMU0ndahQ%2B8XditSoz5FPwK0MYZjkdodOdo8u0rR6IQ40m7dBGSuBqm47OchSFNgF8mFnlgbtPkqYBMVCL9phVio6oWkwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74eda30afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp

104.21.25.84

200 OK

12 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11664 bytes)
Hash
1c6d201910df8df0eb3fcea8739007bb
52a6c44df68eff2c8c126799e3bece8ff6fa1913
41d821dee96ed747866d48785783bb3c6bbffd4b66415cf873231e38d98fcaa7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/webp
content-length: 11664
last-modified: Fri, 28 Jul 2023 10:44:06 GMT
etag: "64c39bf6-2d90"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5o63%2B7D0mel%2B1%2BifMxkht%2BhbGjdTFdr9%2FIU5d5zP04UZwVOdIsOsNbnkASXeEmcvE3ntc5via4c8X%2BzNEbxA35Hr7nDDF059A2sSRhvnbC8u9yMOWDnGXq7ggfTWpXf4leu%2BJAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74ed9f0afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp

104.21.25.84

200 OK

12 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11534 bytes)
Hash
cf8f4490d02d593d3858e04b5bf236a9
3fdef16980b9dbea34a59a56b3eb7ff2c0bf8d4f
7ccbb96cdb1b5679feca007c89093bfe26b9fa245cecb59baba93ca9a0ba3186

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/c20ad4/658c00325c02d/0cd658c00325c040.webp HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/webp
content-length: 11534
last-modified: Wed, 27 Dec 2023 10:45:06 GMT
etag: "658c0032-2d0e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ax61zVtA%2FmCqH%2B400hzb1hUa2MGQ6DdYGfeFOh6%2BO1pRDVfAWhDQVUy2Q8Y24TXqsEoBQuSE8ETPIJkIHETFinPAFQUHG2jYXnfO6lQRhd%2FcbOWOgs2BCaaMuIo0jMZ7j9PmEuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74eda50afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg

104.21.25.84

200 OK

25 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
25 kB (24975 bytes)
Hash
46efdcc121f9417d93a6def374a5a5d4
5d842f046630b14d1fdc9b1db89ccff380526cf5
90d53d41ac97337bf89a77457f6f7a7ef3ec41c50fd87dfb2607696f0fac1fbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b77965cde4/35c636b77965cdf3.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 24975
last-modified: Wed, 09 Nov 2022 09:49:10 GMT
etag: "636b7796-618f"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3GCWiXZ8mJ7TmnOJtQ0Wu8sHB5SLD7%2FulPs0NCWnlk5zR3maNCIPT03C%2FXWfU%2BNtfzQqQOKEtxTdjAdJgZe9qkBEiamWaDh%2FiPP4YclL%2BxaZN1l1SQKg1dJ5NuKAXLxSZWnY2j4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdb70afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp

104.21.25.84

200 OK

32 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (32264 bytes)
Hash
d17d60a2e79ccae6e72bc68232617491
359fe3b61c3545948c56548c4bd775c1214388b6
4c30c33481e95187ec9f5413576058092ed9aa64549e6e2367c7c41e66f9d93f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/webp
content-length: 32264
last-modified: Fri, 15 Mar 2024 15:20:16 GMT
etag: "65f46730-7e08"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIPdxp0njQNsqr5C%2F%2Bi2fPgGccjZRcCKb48nMx65V4nIp12AIJJOH0WPx9MrYRzJpuYSab3tOVJUyB7CNQN3NH10Z0N%2Bh46k93f6XhP%2BKIAZMB5eNukB%2BYUa5%2FfvHPK4p6ud9Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74eda40afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg

104.21.25.84

200 OK

36 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
36 kB (35849 bytes)
Hash
a61e07058497be1291ed1540251054c1
46d533bd7665695ba14ae35299f7f1d18577a850
0c28d7ed71b2591ceeb4a98400545100fc53995fa56f4b284057604314634c6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 35849
last-modified: Wed, 09 Nov 2022 09:29:05 GMT
etag: "636b72e1-8c09"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk%2BT4IJpwiV9EdcECpTjXPEW9xKSYhKNNZip28Zn2NdVV6LNXSpHNftVHnPijME8kR1LGUenR09wTlrf6OrenurGlPqNHGL6T5UyRv0GeTt7R5sI2GsdTUNng%2BbfYc3%2B3PGPlwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdb90afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp

104.21.25.84

200 OK

25 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (24686 bytes)
Hash
c4f03d67997708a24c6e5418b266db68
2ae0bc0b59199667c8d190bc50572f2b78d691bc
1526ba8494ffe3e261ad5950f07cdb189dab5da5660fd35c40c10d413ce06a5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/webp
content-length: 24686
last-modified: Wed, 13 Mar 2024 12:19:41 GMT
etag: "65f199dd-606e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BE%2FotPnTPoyKfUCLuMaf3DNWkx7Ysk4Hh0o5w1mxXo%2BbqKDCj60ORY6W7ACPOeBH9mRDrhUQtj5rJFparCDplJ7qK%2Bp1rPW6GSceys5KscQVnddnagqw5iKN4dTlaCas385ov4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74eda20afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg

104.21.25.84

200 OK

34 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
34 kB (34181 bytes)
Hash
edc0a1fc9de5536352d35075fe9ed449
56329bcb5c6b1ae7a6ee622b4a6b33d08dbcd89a
ce0b1f2feeaa809e4af0686bfb6b0b20e06c9f3718f762d2b38b8bb9ab64e670

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 34181
last-modified: Wed, 09 Nov 2022 09:43:05 GMT
etag: "636b7629-8585"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGAcWxTh0nFkJJr5e2JPuOyvPIFF64LUebs2q8WQSAwtijqc0r51KIQR2S01EbkvrVw3nYVxB2VqN7uSWhJqRBVAq1JcX75uEpt7%2FRcRP4iWF4%2FojRVXGY99OQZSXlbs28HCk7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdb80afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg

104.21.25.84

200 OK

52 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
52 kB (52299 bytes)
Hash
eea3f35d627929a8e55ae6d284e7d63f
bd861c976319e7d4d9bbeec131062636396bf135
32dee5a9d35987b7dfa3ce7c9aab3d2edfcb7218de82e272d2ca4929430b90bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 52299
last-modified: Wed, 16 Nov 2022 16:17:05 GMT
etag: "63750d01-cc4b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7UChRHmJas223z5txkxgHeQ%2F8Aixw9xuAUvLawRA2TGukz7Bus2jEPR6hFcnta%2FMyH3bi0BpJxd5PRHGDyORA1WId1RoJGBBO8fo8W3a2GXKBrj%2BR9dJ9Q0NTnzbE2ND6RXe%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74edab0afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg

104.21.25.84

200 OK

75 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
75 kB (75374 bytes)
Hash
be5bf53a1705b73ef1861f9e16e3756f
972bae8cae607eb9f67dc1c70f5faf328b7e7de3
2a10f99f144643a6b9687d131275960261f0eb92c0c5b93377e683ec5bcde672

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/6372492e7fb9b/d0b6372492e7fbab.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 75374
last-modified: Mon, 14 Nov 2022 13:57:02 GMT
etag: "6372492e-1266e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8wEoigaJW3u8KKvBUEtO%2BFqgjl4KjZFNzQKOlh4%2BWR49fcJ168SP3Yu1FvMYtu0A8BFGkkLDzy4%2FJOglgCCeFjKvnQKL3f0WK52pVsf0NkiDlejtFVifPZ5eSXXzSPEmyMqsLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74edac0afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg

104.21.25.84

200 OK

54 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
54 kB (54269 bytes)
Hash
cb023a9718909b62aab3877d49ff438a
d8cda96d27249b680ab9d33c6b0ee01647f0db54
e1e6878ad26b276a567d87b3ca38d103c09a0a624f494dafba0cc061fca17fdb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 54269
last-modified: Wed, 09 Nov 2022 10:39:04 GMT
etag: "636b8348-d3fd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fF9S8VxfD3v9HZOQp1zZ3CjipP%2B%2BmniI0cc%2B5eYL66rxfe7fKMWB01zNIOQm2Ym0WvW49LP%2FyoJPGdCi%2FSslpC6mgk6UtkdY%2BPCeiWmGdOJpPYVD%2FbhVnY2Xa6GTbvMKsACj%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74edae0afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg

104.21.25.84

200 OK

64 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
64 kB (64053 bytes)
Hash
dd6c17179d9a5dc32fa4dce0417575c9
6a46633f7fe6d4b4979352ce40a097fcbe1a5f05
32c0f2113456b78dbdd2de5cb4047d0a3e8a99e663482c671cbe6f9b78a39436

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 64053
last-modified: Wed, 09 Nov 2022 10:36:09 GMT
etag: "636b8299-fa35"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntkQSsEW5o7t3eRUq%2B7gTa2iAtGQ65mTyKxtqb6i2JjqP27ezVpPpE0THS4YCSneOvLpb54Dlj%2FylKGrw8SSHPJN3JXT1WPNdObWA1H0XdNM5wBiPzJRLmCOxixAa8z%2FbmFixrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74edb00afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg

104.21.25.84

200 OK

96 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
96 kB (95730 bytes)
Hash
9cf3a47a546fbd6e05a7f7261a869bd9
118659c1183d55e0d5d99055ad6c11e775ffa368
518c9ee67c5d7240953aab4767528df8d52e86b0a414ccf6824774cccf176ea3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 95730
last-modified: Wed, 09 Nov 2022 10:50:04 GMT
etag: "636b85dc-175f2"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bRp%2FAkZIK2THk50Iv4ORTGaJxJ9u90sKzPru8XQe1DuuZzi4B2sQkKihzcE2PCY7W%2BKpIcKUfSBgHAJbpIuniy2zt4v8XXHbyXqu%2Bfe%2BbSeh%2FXC7w3a1dQGkt4EIutXCZQGWig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74edad0afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg

104.21.25.84

200 OK

86 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
86 kB (85521 bytes)
Hash
a570d4ef05b160b52b62dca43f2063b7
f3791c6a6462e78c5b3f8650ff9b4f0af5a3d2a2
d36307787c78da545446c2718062fc46c63539d89566ef0bce140a2ba5d4de19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 85521
last-modified: Wed, 09 Nov 2022 08:57:04 GMT
etag: "636b6b60-14e11"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EN7N3%2FP7b9n%2FDfGWTbIpEWK7oqWF%2BnnVMeHsWyBLvZUB2bBB6uiO51kAa0uDhcZcp5eZPSg5xMChw6jl%2BzXOEjqmuk54Y8mOn7F9%2FNdcgqKaFypdbC6wDDWoXM2z3Gk37ytE7lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdc10afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg

104.21.25.84

200 OK

112 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
112 kB (111894 bytes)
Hash
30330bc3c2d0130854437011eb94302d
b089730191e5efa8db30b0b2bf5ddf47783f5853
85acbaf8f03c122e1a6421968dd56ca53ef5868523679ceb6ed66d2c50735cda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 111894
last-modified: Tue, 08 Nov 2022 15:44:04 GMT
etag: "636a7944-1b516"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYjztyCorH9y3QWbPrc6Ge%2FHjd4afQB%2F7Ww%2FsQPyh0cOVAyf3cUoPPDGXdD9%2BUNz7EAtWAe8nuLSCes%2Bo5HnsQLzSy2xjmE7XugIuFy6PVLG02Mxiz9Ncleh1by8cN5dRzaH3Wk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdc50afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg

104.21.25.84

200 OK

95 kB

URL GET HTTP/3
treesearchfeed.com/.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
95 kB (95139 bytes)
Hash
2052c5d2445c2501edddd85f2afa4f1b
3fa6dbd2c7c207fba472a15b7a7491e43df86088
3cdcaf95da5bb6e930b574e99edf0e45a84ce710424a74f14a481cd3805e89c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b6d40cebde/d0b636b6d40cebef.jpeg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/jpeg
content-length: 95139
last-modified: Wed, 09 Nov 2022 09:05:04 GMT
etag: "636b6d40-173a3"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bfj11dm%2Fdo7zuNPcFHJb8nUJb8h%2FS5CtpQMRAKXFHXI%2FLwMl30gIUvIXzqde9sVa9YMVuHlAiJroOQFFdjYTUTQfeWrADs3mKkMl6m0ZgMiZ04Akp%2FUPbIoa%2BkGGuxKxXt6njrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88199e74fdc00afe-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

142.250.74.170

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1229 bytes)
Hash
5c5b94c1904b2d486725bb702a87a8bb
98c1a7669775c8d1398728cd45b77fc52e477bfc
452185a14ae7668da5f4b38d83e573b7b574cd09061d5cbe9f7687a7e79a814e

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://treesearchfeed.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 11:34:14 GMT
date: Fri, 10 May 2024 11:34:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://treesearchfeed.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:03:54 GMT
expires: Fri, 09 May 2025 02:03:54 GMT
cache-control: public, max-age=31536000
age: 120620
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

treesearchfeed.com/_showcase/images/svg/icons/search.svg

104.21.25.84

200 OK

840 B

URL GET HTTP/3
treesearchfeed.com/_showcase/images/svg/icons/search.svg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
SVG Scalable Vector Graphics image
Size
840 B (840 bytes)
Hash
7049686d9ce18b77f977755e5ec41834
33d4be4753862920fb8c16fb8704e7a7d4e567d7
e34d0c8ca9705363627a5f8378fb1bff2a801380f2fecdb0c19f66655f82841f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/svg/icons/search.svg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"366-M9S+R1OGKSD7jBb7hwTnp9TlZ9c"
last-modified: Tue, 07 May 2024 13:36:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4475
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HY%2BbGcewPW2d%2FIji%2BgmpYRctODUwhWm9V1sq262n%2BTbjdTx9gZBa6JvhqAy4fVpYAz4DLU460J92h7QFHyjHSMbVhiQ6qX9p7Hv1eIqsfgpvsBDh8xuQLFpLbSc%2Fftuu%2FTpfiwE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e74dd8e0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/DuUW51AV.js

104.21.25.84

200 OK

82 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/DuUW51AV.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JavaScript source, ASCII text, with very long lines (50952)
Size
82 kB (82443 bytes)
Hash
63270d66915ec30a142e4d1e98b2c99a
99d1ea3c1dad0843b870e74981fa60a1432ff215
db01729441a348aa309c9c39bad8bf4ae189b044cc3ccd53381b03c4d2f107e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DuUW51AV.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=209836
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"333ac-3+UsP6S79xDtFX13u0q77Ub4m+o"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIyyRr0ba3oN08eDMvT5VqD1Zpevm2WG1vZC8ke%2FYQ0df0a%2BVumZZP3B2aKoODmzBg%2Fo1DfLo3KIi00jwnHsc92T2DKItkhfEI%2BaAMyTenXuiQ4lvWDr1mlcPiuB660HnVpl2hI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e74dd8d0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15752, version 1.0
Size
16 kB (15752 bytes)
Hash
b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://treesearchfeed.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:03:55 GMT
expires: Fri, 09 May 2025 02:03:55 GMT
cache-control: public, max-age=31536000
age: 120620
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://treesearchfeed.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 525938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://treesearchfeed.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 121155
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

treesearchfeed.com/

104.21.25.84

200 OK

7.3 kB

URL User Request GET HTTP/2
treesearchfeed.com/
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (32433)
Size
7.3 kB (7276 bytes)
Hash
007e4d745e1aa2e59116693ea9cf84a1
166539160e13c48942eb32232209f4c4d78b3e1d
fd26ed1f3a6e2d6577dc80d8f0c14adecc457d07b9051e7042ccc13719f80eb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-expose-headers: *
set-cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; Path=/; Expires=Sat, 10 May 2025 11:34:14 GMT
trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; Path=/
visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; Path=/
-1653477772=1; Path=/; Expires=Sat, 10 May 2025 11:34:14 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bkn7R4Hldsz7pj8A1c%2BQqIyVU4W5UuVD6ZVcrOA4SheIRB6BHUHHf%2FT%2FydedMVfNt8wLMfgXn3Zw5nKuZaVKCNKsHnyZ6rJvSZK8U84VAfKNBKw0n5C5BbEVDJdam3ljiF3gM34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e71cdb156b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

treesearchfeed.com/_showcase/images/templates/rednews/favicon.png

104.21.25.84

200 OK

408 B

URL GET HTTP/3
treesearchfeed.com/_showcase/images/templates/rednews/favicon.png
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
PNG image data, 59 x 59, 4-bit colormap, non-interlaced
Size
408 B (408 bytes)
Hash
b4fddd4262d09275da6a0819c9595e4c
44adabf5be128e498fde7b3123dff0f44afad4e8
4d9907c300d9cbc19390bc76bb489d42a95bab6c8bf34097b3fc60fb4de1674b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/templates/rednews/favicon.png HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: image/png
content-length: 408
vary: Accept-Encoding
etag: "198-RK2r9b4SjkmP3nsxI9/w9Er61Og"
last-modified: Tue, 07 May 2024 13:36:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vz3G7ynAKyiklOq282bHCvaZTThe9NLbfdfRN2vvfTDnKNa9SVMSrP7oug9TV9it393bhzY3YCpaPTL67Nv3rg2PfMdh7%2FGAxx81YLzy6rsGg5Td1WmupP9ENsxPqViS1L%2B0Nvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e78180f0afe-OSL
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/4cgf5GmW.js

104.21.25.84

200 OK

10 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/4cgf5GmW.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JavaScript source, ASCII text, with very long lines (5046), with no line terminators
Size
10 kB (10078 bytes)
Hash
0d06ad27dc485c59fb9913b68bdbf8e7
4bab7bcdf5eef3f8a19f9ff21aae9bb5baaa2975
f3a22354412562130098a549819c3feb62154ad3cbc2f58fb19150fc044aefbd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/4cgf5GmW.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/6sjIUscq.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=5047
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"13b7-tFMcZseYEyDn7YBJJkkVPFfDX10"
last-modified: Tue, 07 May 2024 14:51:04 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 232640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKDw7boi25OCwgcTT5emuBeCa7MomBZAYPmTWy6LICsa9ITaAV9R0E7%2FonmhYaH2JTBJN4TZ%2FOc3HIiwdaOvOhqXBIJL6o5tGUMS%2Flp3eKUulPia9%2BKKhxwOl%2BSM4LbvzRNIuiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7cec510afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/BHynzUYg.js

104.21.25.84

200 OK

6.1 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/BHynzUYg.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (6477), with no line terminators
Size
6.1 kB (6123 bytes)
Hash
a38ba9eb85b0498fe8bd73818c93e26f
1cbc444cc1899412ad477738fdb364ca037b7a9d
a9e8f9cc18f6e66766310ab615a31395f37d751b33100a501dbb3df727e85755

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BHynzUYg.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=6124
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"17ec-c5GpZaRvVbNuKdPki7Ra+hWE7No"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49ptP13ApvXyfF2cVwudrA6jnGBOZ%2B227caQVIA%2BYGr82imkDuWME5OgIO5nBwbzmiM70G2lmjGIQiv2SixM8DGvtdtkppDQKj6T28Aa9MA%2BUnRu%2F4xeskQ1WoCWrLLcDmryUcA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b9af60afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/CB5zW3WL.js

104.21.25.84

200 OK

254 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/CB5zW3WL.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
254 B (254 bytes)
Hash
4647af1db42088d76222b3556f138bcb
0ddf016513d18b56102473276251b3c0c288d4f8
1e0c7938f4ae9672cb5cfee011ff55020ad4d59bac80d57cb4fee9e609b515b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CB5zW3WL.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/DjNHVq1e.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=255
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"ff-A3hYsWmcEB6l5TK/f3uctjYitSU"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPoj7Dgl4J6yJbaaahXQYacd%2BsbP9xu5EfzFOL2I53EyatJRcUMGt21g8YpSEtiu%2FE6k6a8oQmeZvOhWdQZ9FxdJp%2Bc91kT4tsMT8Pi8JxveR92VIGvxRbwjpsLw9gUScoFkSC0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7828210afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/6sjIUscq.js

104.21.25.84

200 OK

4.6 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/6sjIUscq.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (4621), with no line terminators
Size
4.6 kB (4561 bytes)
Hash
ad9ab7df12b4177b6a5e59e63a3b71df
bd48758e1c0a4893613eaad7ace74ba934ba1d4f
55ba6804ead244e7cfbd24ab6d82a5722475cb1263ea1a2479ceeea90ed0da13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/6sjIUscq.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=4562
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"11d2-utR6U3xOxo1dKfPjA2lm5//g+i4"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTFvbISjKMfgpYqjpxw%2FjzTNKyYMEcExwVCFfFkC0B8lY3cyqWhg%2B4%2BXEonGJdZboSr%2BhLdALpW%2BsFsQDBMSTCvkO3sEIjJwhG0%2FOErxxYdZzXB%2BZBu9jwXQIhTz5OTmYjgv%2BZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b8aee0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/app.BRr80QMN.css

104.21.25.84

200 OK

9.2 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/app.BRr80QMN.css
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (9168), with no line terminators
Size
9.2 kB (9162 bytes)
Hash
9680b85d5c37fb24ad0833d359936183
7f8d2e9d4cbbae3356362c7b93eba296ab6f8b87
1c64d7d3f85be5af051a5494d8690e75f4be672d3b6cb1262927b41791165058

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/app.BRr80QMN.css HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=9185
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"23e1-S9CRAj2GzUpitXAx/mCKGRu4IA8"
last-modified: Tue, 07 May 2024 13:36:12 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 250006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9484YiD5c4T5mCE6hoRKHcC1KTwn5EGwEnXW8kdPl15e3%2BHSbUV7hOuDJrEqpILk6baRTUczILGzYb1ZDMG4ji3WcROoamv%2FqVMtEvCEEJGuh%2Bk1gTiVCOc94R7H3KI9B4fvjRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e74cd850afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/DjNHVq1e.js

104.21.25.84

200 OK

351 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/DjNHVq1e.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (364), with no line terminators
Size
351 B (351 bytes)
Hash
55df19b4d4526c24b09ffb96486bc6b8
a019660901045f7c8504412a5b1d02a2fac316d3
483eacee61c2ee5d00e26bd8e98e7f91a1051915aa0d23e620309807c0292cf8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DjNHVq1e.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/DuUW51AV.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"15f-X5mfiqOhUoW2NbtHgbabdKjxai8"
last-modified: Wed, 08 May 2024 10:43:43 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jq%2BOF2gtazLNIsIQ4tcHY96mi8IOEXpasxsq5yxn65XAF3Q9amNF%2BmNtDRWYhfqj9F1ctyFkPBubbZs0NxWXzrEfKucLSk5UqYniPpV1l7scP2dTeRCQXux2b3uJIXbO5SvURW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e773f690afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/B1f91WGT.js

104.21.25.84

200 OK

7.4 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/B1f91WGT.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (7825), with no line terminators
Size
7.4 kB (7438 bytes)
Hash
b622bf9290142a614de628a11ca62925
4e736205b8e767d73ad6e2c4057ca2cdcc8825b5
13ae485d008fc3ce4bd1186541e146f2a0b486e604f2ac8206916cdf51df70f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/B1f91WGT.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/COdOu9HO.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1d0e-t7xedHgX4mealquHqSbieGOSSME"
last-modified: Wed, 08 May 2024 10:43:43 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJVCD6WzkmLh82SO7hJfAX26BaPFnj%2B9rapgT%2F1Gs0bS1SRdQ7oJD%2FqFM7HlGAJT30rPrX%2FTcn8Zcl%2F77F4gPa9zovhGtrDB%2FhMrUVaYZlY7eqzjkMrONgh%2FutkTQIv13qAddDg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7a9a320afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/CihRy5Wy.js

104.21.25.84

200 OK

99 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/CihRy5Wy.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
99 B (99 bytes)
Hash
d4df274538c06e523de9c8a70b888340
8b3b1fb7ed2752dbca96eb69eb60ace8baf8059c
40936f48a6203ab70fc34bc3149cc8fb0ded0566bb2bf24ffe1246e569c6fbd2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CihRy5Wy.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=100
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"64-7FOLv5daCXU/tMDIzFaVf2c/T6Y"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r4mITJXg2gLZW9k9uZ14yc5p7GOMd7TKA59jmj6Pc6Pyr09Wvh%2BhE7RWd94n9RlBsEo%2FOrFkM%2BN9nKVY9NASfyEpF%2Fij1aTtjaC3DEGZgXJimdfLZwFhKvbi5Gj0IZOe7KQCujc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b9b070afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_showcase/images/templates/rednews/decorator-pattern-red.svg

104.21.25.84

200 OK

200 B

URL GET HTTP/3
treesearchfeed.com/_showcase/images/templates/rednews/decorator-pattern-red.svg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
6a3cbff720570e45c53bd80a29fbe352
5e8aa989659bb0f023cd175d14b2f68f647b8b94
abd686f959206c4f66f156d365bad2cb3302c14c71e0aa5c740effa44f18f26f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/templates/rednews/decorator-pattern-red.svg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://treesearchfeed.com/_nuxt/app.DJcOOQI7.css
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"c8-sm8X/N2nuTkPQ4/jQ3/0ghIXfEE"
last-modified: Tue, 07 May 2024 13:36:12 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNTLYLFGaZwZFS7lVh56%2BTAdXB%2Bs9knwLHlW6NxgjZr2nALBbRDLzRpvLKagM%2FjQoKCq%2F6bnssT8KpkFNKOFLLSghHokao5cgVyp%2BUvWxQizZ1jlPbiLB1uQwsVm5Ok5IkJaTJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e770f4a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/CW7FlOGr.js

104.21.25.84

200 OK

425 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/CW7FlOGr.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (427), with no line terminators
Size
425 B (425 bytes)
Hash
03cb917dc0b27897c083fe134804ab41
e67c30e528103f731d6c36e1efe1f1acc36a88b9
d6d2fea5f96638847a1d028931ad7e2ffce7a844c599b1231333cc8f3360cafb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CW7FlOGr.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=426
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"1aa-dpWukmudReDAxhN+uEpatBOyTwY"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCNXaLjof2Ox4oToBrkFZ66VCVDctAzmm0Jm%2FKjbLFAuLvD8mnVNdd%2FBxXeAl5Xjp8wt0usTp2v2cPJHNoTLS%2BZWIxOMItjuiFFNqQao7c3EMzUaID5HVMQwkx0zoYrZppwhnZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b8af30afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/Dla_mHHd.js

104.21.25.84

200 OK

257 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/Dla_mHHd.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
257 B (257 bytes)
Hash
cf862d9e900e2aba9245896493c21be8
a284f6e7aea38f7c8d6a08aaab07bced31edf9a6
9fc584030a84625c251bac104099858bf73cefb63d8ff5bdb60d70ec2217c690

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Dla_mHHd.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=258
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"102-5zK9Yfwl83XnbDD66YyUWU4PwvM"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 156721
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GzfSi6rcfSC4nClG6XjbMYEPPHbrtIxTubyMveBedmSxfTKEku%2FFO9Y35VHvZQ9s%2BNYw7EtiMP8RdPM6NqXpmAprlLTzbPGvBg0ZzQaaT5Rg2MfgKVwbqXMs7RslVHWiGaTlwZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e79491a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/rKbWMgxR.js

104.21.25.84

200 OK

653 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/rKbWMgxR.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (672), with no line terminators
Size
653 B (653 bytes)
Hash
f4bfe94ae13788e99b2f2e8109d835bb
2e468611e75a913f63751ce531ffac0ff95299a4
48c0f29b225fcd2ef478c7a66e7234d61a3976b530385696e581659732f7bd06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/rKbWMgxR.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"28d-I6gdHfr1KD/JB5ljeGKX8LErTUw"
last-modified: Wed, 08 May 2024 10:43:43 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PdNgWWmo5cO%2FYiWtnRYyGRf%2Fj6EXlMR0LaE9qnV5t0PUzjucT4aY6M8TLpLzBpLx0RCprXxnNAUoPlB580CD9FOkvo%2BqzY1D%2Br%2BloNiNna7W7b1wPU2K%2BKlTGBP7SEZ7RMoZvdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b8aed0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/BfKoDqhE.js

104.21.25.84

200 OK

6.3 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/BfKoDqhE.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (6419), with no line terminators
Size
6.3 kB (6301 bytes)
Hash
8b225e33362368c3c00fae71cf4e8785
fbefaf5127f58ee4334912447df9a9fc72f4a750
b37e13b76f80121ab4fbdfc2d8a5ecd7a2d01318991eb8a92cc3ac3e311e19fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BfKoDqhE.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=6302
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"189e-VfZ1fFGIVX7AzA/I6xr3FS6iiYA"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hAixamOYLHiPo%2FyEu58X6bfedMZItDxDH8f6azoxTEW0LKCkvBOrbtMksD0vn%2Bw8GeXhOdKnVQPZDQDbPnL1FN9TkT9P78HqLVW9SOPYkDXDqsvLw2OiacJEBvH7v6I5iH%2BiC54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b9af90afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/COdOu9HO.js

104.21.25.84

200 OK

8.5 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/COdOu9HO.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (8759), with no line terminators
Size
8.5 kB (8453 bytes)
Hash
4ba310b70e9c266d7f1a2c585449b264
43f926890a67a308754c2ad8c8a463fa70d2e942
ddbef4f3daaca0c17a0ed5cd4b6106e4416de62ee86e258fb2400a3956db7fa3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/COdOu9HO.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/DjNHVq1e.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=8475
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"211b-/iop7cMQYRqwZsPbh+H41acj45w"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjqvF99xBwGr0tMAZnVktclgREFY6DCoLbG6NgdzxhHBB%2B5SYlfbJfrfsauRVpm1iC%2F8HdwVxSbXAgc0GQJ0bEF1zieTtcj7oiOvIkS69IRKDvHiNbFstQe3u7GmFIiKHDinuDs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e78281f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/eHFqZBlx.js

104.21.25.84

200 OK

91 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/eHFqZBlx.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
2c2667b11704f712d23626cd8c3f493e
d814f99e2ad6c06ab673ff0263596ddb284b63fb
fba5dbf9e393f571c37b15a8034d9b35a42ca7e998c6d2b37ae07eadfd5536b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/eHFqZBlx.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/DjNHVq1e.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"5b-sRDTJIYFHRLVWlXHMlaxfmCQbCc"
last-modified: Wed, 08 May 2024 10:43:43 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eVhn10PRbaYvm5%2BvWJG9Rq14TZaSNCg0cRRecN5XvkaSqGkeS2iElacLBkPeU9ndM10fHRf2CzzQM%2BCk0sJVMR%2BHs%2FFvy6o0mK0k829M41NLhFpxSHKpb%2BdnZoMuxFSrrRmvOyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7828250afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/CvTJRj1e.js

104.21.25.84

200 OK

103 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/CvTJRj1e.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
fafa03645ee9077bf6a114c226a3d61c
de8ccbba5d6e8c7d012494fb121b232a3402174d
7ad686f6742d809294bb8c04e89531bbf8afaf321a3fcae484744d0e0368b4ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CvTJRj1e.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=104
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"68-zPFEt0UdPSNM9U7v56x9p06R818"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FH%2FNp%2BTGa89x1Ke9e1gwv5uJFn147hSLYVmoAfDgqygU7nPOU2qdtEKsITVP9%2B9Utqsm7HQxvKjxMp781rNhdG9dsylYgpJphrRJBpi%2B3NKszmAzBSzx1g02D7y0MCOV6x7A7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b9b000afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/88JmnM-t.js

104.21.25.84

200 OK

101 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/88JmnM-t.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
101 B (101 bytes)
Hash
f3215934df23d4906bcd9c6d2e194b08
e6af80849b11dd91e97744af12faf5a1aa628b27
ec6f1f21aa56b3448b37dbea7ee830d8a7e5cef2499bd7780608e5ca94e2f423

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/88JmnM-t.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=102
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"66-IzSCilmyecbWrC9s9hCEFINdszk"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jrIm4AQhuykT3Z151QAToeUKpgMTaEJoDUuSj2LwOqTc2r3%2BQUlxiN5KH%2FLYY1ttV5YjjVytYHizQgzPMH0u%2F2SHTJJBTiatjjlufhFfXCuQ0JwAPlxhXfh37rh7P3m6b6iAYw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b9afd0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/DCz16NIu.js

104.21.25.84

200 OK

2.9 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/DCz16NIu.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with very long lines (2989), with no line terminators
Size
2.9 kB (2929 bytes)
Hash
1abe227432024b195a37dd12231d9da8
85e8219e39cd614ace60f6b71cdd44bdf8b75812
4541f07d32b7bbe48cf3040725b3d4879fa486df679a5abed0e7e371b2859798

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DCz16NIu.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=2930
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"b72-eIaphB8TrlpUL/j/kltCEHFeDVA"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lalY5ihF6rDs22O%2BEzrWQHDYliNLS32yTyxHTXEne0T2D23KjhgENy9tW%2B7Bf56kJ%2BON%2Fy4wY6LjSkRyovX0Ggl2dax8jO73FRU%2FOqFhTMeuxl6wh2syUcd3p7YoWurFG1cnIyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7b9b020afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/D1NUN1is.js

104.21.25.84

200 OK

102 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/D1NUN1is.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
bb3c2b7680598517ce54776c8d4be2b4
3ca6271d7a9b3bbc6770c7b87a426cd93c6bbf0e
b25a87c53fb998dccf5be3958ee0a701056fc142f28467aa4fa6a6e078d5453d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/D1NUN1is.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=103
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"67-5tyZA5GIOVHbptntUBShr/PvYYc"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ChMJyb019ogw819KTzhNbaZRfTNNNwF1kdAikuq7SUNmisSVAq5u%2Fbm3gaVaZ%2FOLzfJSP2JM7aWqm8%2BpY0obuQzmLAT73qbgQLTe%2BTBVEEvACeTs8mSO9TBzXy2D8BiLr97kBRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7bab0f0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/builds/meta/80042591-495e-423a-9aa1-0b1982433516.json

104.21.25.84

200 OK

139 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/builds/meta/80042591-495e-423a-9aa1-0b1982433516.json
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
1e7a4647a0889861b6902de9f9bf5421
81dc7d53cbe0741882bf36f31bb84b363c6b0617
59652ac68dc668d59660b18d0bcd1763247f21d48c22c2497607c023f2373cbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/builds/meta/80042591-495e-423a-9aa1-0b1982433516.json HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: application/json
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8b-aQanbphB8589l7TKXuFzWMN7Ihg"
last-modified: Wed, 08 May 2024 10:43:43 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4R5Y4b24KVqkChDhk98stCFM1x3UmOWpTQSfJLkwzaHbe6zNbkvNyNKMg1o4rpR7NjqjfsjVw%2BoZBrFxTEUECVcCfmPVgX2kNt437oonzIbiFx2oMQyszMu08eqe%2BqF5Ub%2BkNZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e79994a0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/app.DJcOOQI7.css

104.21.25.84

200 OK

93 kB

URL GET HTTP/3
treesearchfeed.com/_nuxt/app.DJcOOQI7.css
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type

Size
93 kB (93107 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/app.DJcOOQI7.css HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=93200
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"16c10-xRJy7y2hcOUkrygYzy2+CPylfIE"
last-modified: Tue, 07 May 2024 13:36:12 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 250006
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOD4hFpWvVUWK6zFWSoCrJHjlpVIDfx8QqfL5k1g8doaibiJgbFs7zKlHqwsqp2xcMcaU9Y5qJD0etA9BCjNbB01YRNbYL6wj6AaAvKB%2FyumN5caR4o5FklxVgUXRXObn3QqLoQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e74cd8b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_showcase/images/svg/icons/calendar.svg

104.21.25.84

200 OK

3.0 kB

URL GET HTTP/3
treesearchfeed.com/_showcase/images/svg/icons/calendar.svg
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
SVG Scalable Vector Graphics image
Size
3.0 kB (3039 bytes)
Hash
6612c5644ad96add55a77120b2c98e3b
061d7a3df4e1c48a3dad50391c8decea4209d334
3b9f1c2530581caaaf22b17fe6c29b04092d7bbd7eff1d8c2e97fe90039bc10f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/svg/icons/calendar.svg HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"bdf-Dr5CJovDuUS0Dw6XTkrx0wX8aPo"
last-modified: Tue, 07 May 2024 13:36:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 4446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAN1r5AsAUfL2DqTbO8BGmmXFjMPF8vDa3G2yAlmUqYIRv8dmvX1NSEwwkx%2FntenIzBmwbCW9oEKzYNRXCP5EUbybvvuIpqldZ8bx2XaRBw1kqkPJlUKQKFTwcCfqPlS%2Bp1UZWU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e74eda10afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/entry.BC6_636c.css

104.21.25.84

200 OK

139 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/entry.BC6_636c.css
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
aac4597ce2707133efbfe34c24075e90
e8101a643422a1359173c7a761cfd7ce089c2699
53b997aa6999d4060b16d5eede296c07f1d51770412184125b33ed9407e090ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/entry.BC6_636c.css HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:14 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=140
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"8c-M4FJxkKyMRmtARLRgJKFCgKaN54"
last-modified: Tue, 07 May 2024 13:36:12 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 250009
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Ds7xJU1KaLMDYAlGlUM05K%2FYBf4pYOVnVVsHEZqswgGOmQXKI%2F0W0qsrMukTXiVGIk6ZlyQY6PS%2BPwEvJ0Q4XGWAKDlhfK7CJE322ap7dAzHfGM%2B5zgx4T22JEFEfhoGWLpkcQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e74cd830afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ea4c858a-d373-41ac-b5d8-1681a8a3fad9

104.21.25.84

200 OK

396 B

URL POST HTTP/3
treesearchfeed.com/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ea4c858a-d373-41ac-b5d8-1681a8a3fad9
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (405), with no line terminators
Size
396 B (396 bytes)
Hash
8d1af24e86a7fa67464e054be17924f2
a21585ec46c1c4b82570539eb36b70268f03eb68
6259ac649a546655b894180369e0600101d39cae49ba244dcfc825621d9cd864

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ea4c858a-d373-41ac-b5d8-1681a8a3fad9 HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 680
Origin: https://treesearchfeed.com
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlXdl5dj99l1nE4MNDvU3nhWD0bUsQZWg3oAVbvtBLyJFX76rB624D3qqerOtDDElMpxTcwgHNc%2BwUpdNMoPcg8w51%2BhjTf2HeLf%2F9gBM%2B8HH%2FkMbThc8xZ1YpbUmrN9TsNQZmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7cbc240afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

treesearchfeed.com/_nuxt/BuIBZbKJ.js

104.21.25.84

200 OK

263 B

URL GET HTTP/3
treesearchfeed.com/_nuxt/BuIBZbKJ.js
IP
104.21.25.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://treesearchfeed.com/
Certificate
IssuerGoogle Trust Services LLC
Subjecttreesearchfeed.com
FingerprintB9:2D:11:CF:07:D2:5F:65:61:2E:A7:5D:05:5B:54:C3:44:8D:F7:09
ValidityTue, 07 May 2024 12:47:40 GMT - Mon, 05 Aug 2024 12:47:39 GMT

File type
ASCII text, with no line terminators
Size
263 B (263 bytes)
Hash
dfd290529ee8f0e869524a222c49096a
8e067ba6b7dbefd5c0583630d88b94bdad39f744
ea23c9e68b70a6d5b3be80f1ce65c92b9e7c0bb65b796c658e70646f63950e4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BuIBZbKJ.js HTTP/1.1
Host: treesearchfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://treesearchfeed.com/_nuxt/B1f91WGT.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ea4c858a-d373-41ac-b5d8-1681a8a3fad9; trek_uuid=1131f2d2-8439-4b6c-8309-c3b5b042e9d7; visit_uuid=ee08543d-5e1c-4435-bc0d-9906136118f0; -1653477772=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 11:34:15 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=264
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-origin: *
access-control-expose-headers: *
etag: W/"108-FjqwgvqzySQADu/BZifsQ4qOAG8"
last-modified: Wed, 08 May 2024 10:43:43 GMT
vary: Accept-Encoding
x-dns-prefetch-control: on
cf-cache-status: HIT
age: 146567
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcLbSzmZSMOGVEfszMX7ILCOP88zIswirH8daomCTgzr%2B3kMCaJSnuK%2B1W2YjKhC4q5tumjrTE9GRB%2FQEgg6S%2FlF7FO8Ky%2BfqTML1VolQIbwkMnOjqACgreec6RxQbeBp%2FwEPfo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88199e7bab100afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML