Report - getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK

Report Overview

Visited public
2024-09-10 08:54:20
Tags
URL
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Finishing URL
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
IP / ASN
104.21.93.27
#13335 CLOUDFLARENET
Title
SOLARA

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-09 18:12:09	1.3 kB	3.5 kB	23.36.76.226
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-09 18:12:09	654 B	1.8 kB	23.36.76.226
getsolara.dev	unknown	unknown	No data	No data	4.2 kB	318 kB	104.21.93.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed
2024-09-10	medium	getsolara.dev	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	20 kB	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash 89b6b9fb9f27f32c074cfeadec68f93f 58fb8e68596b18235f4c14ba26f132ee30c16960 5d92815756cdbe573e8ea9476e52eca4fd29f320f2c110687f8d002f3b3cd324 Loading...

	unknown	ScriptElement	8.0 kB	2024-08-22	2024-10-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-10-16 02:25 Times Seen11 Hash 53134eecb21f62f29231ce6f388383b1 e4e249f422348e2c6cbef29a03201408aacb84ae f9fff97e99720cd7db3a4714bbccaa7419edd85e978cd689c9e0b15ef92aa9b1 Loading...

	unknown	Function	3.3 kB	2024-08-22	2024-11-22
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-11-22 13:42 Times Seen12 Hash 153b3040d0da1c5b2fc3e63ab17e9917 5f083213f1ee9372d933bf0cef85ea9581f02a2c 4062f4cd943010641ba86c8c491824e30a5eda6d589f3c27bef93da13dee6e11 Loading...

	unknown	Function	177 B	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash bb3840c6cb2942a4e86efe1bf32312c5 4f7a18fed45a0d808ca436d585f65dc5cd5b1b34 4f308227c13be6dcd915638f0facff6b792dbc6456c27bcf327052405139f147 Loading...

	unknown	Function	2.3 kB	2024-07-06	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-07-06 10:34 Last Seen2025-04-20 16:32 Times Seen127 Hash 368deb2ef8354f8cc6101c325df8d57c fe4679ebe627c9878ecf7f600d47b5368da4e301 383e6daab1c31f4d6aa42ebb7b770e35c32058b2720b8cbb23d5a098f21259a0 Loading...

	unknown	Function	32 kB	2024-08-22	2024-09-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-09-19 22:20 Times Seen8 Hash 96c14147656dd9ad61ee6dd112a95712 41d0b1265b46d97a9dd8f5448773836d890ef58f df4f850c3ea55c3901809c200da8e1c78a221b1f8038f2ce9bc84d00e1093015 Loading...

	unknown	Function	127 B	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash fe1de8a0241de6a83489ed57793a4d13 0fac88d8f55a29872e934964316b92628c58e45e 66f2661e13eb2367122055cf19f670b16bf9ee0f93899317ce096f0dd8edfaa6 Loading...

	unknown	Function	136 B	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen141 Hash 4fa73a12b0460db0b9479fea0dfc9d29 0c9f3b7ed12a16e140d069034c5cdf7ba45f6007 a44580f9f8f18eda07c247f607881689e14ca9b7ca2c0675427dce37f1f02ec0 Loading...

	unknown	Function	2.5 kB	2024-08-22	2024-11-22
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-11-22 13:42 Times Seen12 Hash 91a268e2a77d9bf8f7e66ca2dc9272af f8eae276abfe6bf4a52883c8bc68b24879d07317 b7fa70639fa1eb941459c3b8cf459eecec65a784fee60da44e3295a04ae73535 Loading...

	unknown	Function	117 B	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash ff29f69eafdb109537d063259bc75e2e 37cb687b5e0931c776d4b4953e2132196d688d6e 1df93ced0dcd071d4431531f04d9b82dbf93289e71fb5bd9247158b8cf9edc8a Loading...

	unknown	Function	19 kB	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash 121f3fb2248dbef44f94a055e3d3dd34 0100125332817208061e863cf26a122019b7dceb 58b32d4a87b7e08900b6f7cbfd29a4d2f445ea5e59781b6ea3d2bf72af305dd7 Loading...

	unknown	ScriptElement	3.5 kB	2024-08-22	2024-09-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-09-19 22:20 Times Seen8 Hash e720c6844c5f42d469c1092ea835420a cfc1cfc4c1fc9381fb25bd5ce6a2614315a1cea3 caf0d3148a0c1c5619361342dad35772e7fd38b88e32069f879f95c5db056e71 Loading...

	unknown	ScriptElement	3.1 kB	2024-08-22	2024-10-16
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-10-16 02:25 Times Seen11 Hash 12a46b53bb091472ca4e1436f0282995 585a62ccf2020528faf06e96d90b818419abbaf2 3e5af7a50b4c7ed05f2e74756a7cc49273c8559224019b9b21cd7a834add45f9 Loading...

	unknown	Function	916 B	2024-08-22	2024-11-22
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-11-22 13:42 Times Seen12 Hash bdff171dd34a7c7248249c27af0ccdee 70692cf5922b7ad6d4b420ec8b593c01cf9df370 d8c1230f82350af9e42d7691b898ea959c495ae4dd829cad6b46ff8ef3d0b36b Loading...

	getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK	ScriptElement	60 kB	2024-08-22	2024-09-19
Pretty URL getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK IP 104.21.93.27 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-22 19:27 Last Seen2024-09-19 22:20 Times Seen8 Hash 54c80fa3a0c436b54a4b557692138697 1dbbbc79bd21f6bc577cb5a0135a4c5a100741d6 d1f8e3665540b666abf2ce1f1b6f5f99248ea796cb65fcaa2a1a4d8f5cc7f293 Loading...

	unknown	Function	18 kB	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash 38d60c0dccb1f74817dd196c787ac34c dde93f945b48d9074c035eb60db4a61924c925c7 94fbc07ca09aadd2f00ac58ddb2db574e28f2b3e39dd17ead56a8b8880982653 Loading...

	unknown	Function	142 B	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen151 Hash 856af898c4fa6bdf9eaff72a906ba852 cfce1272f874c45d35b566d78898f2de198b37dd a50d4c8690531dda82905e32b83dd841b3761d2ddacf921663f49203d75b5f57 Loading...

	unknown	Function	3.2 kB	2024-08-01	2025-04-15
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-01 14:52 Last Seen2025-04-15 22:57 Times Seen26 Hash 9f4c5ebb8bd7610d1dc497d2dff508ad 09dcea51bcde8b3a27e91d013c1a640989a348b3 579169f9dab05df36ad85cef9afc0f9f661bf5577aeb0025da0b4eed6ee6e05a Loading...

	unknown	Function	58 kB	2024-08-22	2024-09-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-09-19 22:20 Times Seen8 Hash 7efaa390f146ea081b27431323b70f92 3f0743fa45d8786790441d2197d9ca92c3aaa49d add586ea67ee6890305886e6fbc6342ec78bff7d087b74633810fbfa4f076d93 Loading...

	unknown	Function	126 B	2024-06-25	2025-04-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-06-25 04:10 Last Seen2025-04-20 16:32 Times Seen141 Hash 654336bcbf571a64bdaff344b91f8b69 655b754d71aa7bf2ae2b7da8e889d40bbb49fa2e 4b178a424d946f9c449a49893fd47f0b603beeb8843d26e024e8d506f80356d6 Loading...

	unknown	Function	292 B	2024-09-19	2024-09-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-09-19 21:30 Last Seen2024-09-19 21:30 Times Seen1 Hash cbb934177b473a773b0a56fe943b4fb0 3379985eaad9605e06433469f237e4272973eade af5d055029e204a88e91c4c78a8dcbb25f3aa76ea24c1e47e48cab3c904509ca Loading...

	unknown	Function	916 B	2024-08-22	2024-11-22
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-22 19:27 Last Seen2024-11-22 13:42 Times Seen12 Hash 538eb5be81900e57ebcae1bab7a47b5c ae8d034070a621ba0452d26508351f80f7fbe1c9 4c52132e09ce280ded6cd0ec87819467d285076203d1b9eed2dd4f524a6b448b Loading...

		Size	First Seen	Last Seen
	#1 Write - f2eb54c7f006bc1ffcd8f08f7af4efe9	16 kB	2024-08-22 19:27	2025-01-06 03:04
Pretty Observations First Seen2024-08-22 19:27 Last Seen2025-01-06 03:04 Times Seen12 Hash f2eb54c7f006bc1ffcd8f08f7af4efe9 0ac38093af1e2ab5644289e89b911b4155d2077a 11bc8dd9821fb3369d1a2d4501eedc583f72ab6a5066ff8fd9ebde00c579c6e2 Loading...

HTTP Transactions (14)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
85b35ef8e54cfd751670f6a6d56541bd
162e94ccf2a785ea99c41f45c3a76815a2f8ae5f
3f59c24a6538550f52a4c9b39d9f57b023c9d44d50a846e742b763f74dfc179d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3F59C24A6538550F52A4C9B39D9F57B023C9D44D50A846E742B763F74DFC179D"
Last-Modified: Sun, 08 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7710
Expires: Tue, 10 Sep 2024 11:02:24 GMT
Date: Tue, 10 Sep 2024 08:53:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6bd7ab339c70a2fbeee4c8c0acd11d01
d73d3395447b2a06e32c1e3efb673107259de9d2
fdfd7bc2cf6ecc38fb1098f0fdb33cc28a034bb850556c8be63823f4c4718be2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FDFD7BC2CF6ECC38FB1098F0FDB33CC28A034BB850556C8BE63823F4C4718BE2"
Last-Modified: Tue, 10 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6101
Expires: Tue, 10 Sep 2024 10:35:35 GMT
Date: Tue, 10 Sep 2024 08:53:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1c3c41e281d3e8bb44af37305931c141
edce6dc7a98423c1590cb07c2e97c61d0e6f396a
31a5b430ff645a4e9dbc799159c6f2154bab3cfcabed690d1074b3b1726db99f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "31A5B430FF645A4E9DBC799159C6F2154BAB3CFCABED690D1074B3B1726DB99F"
Last-Modified: Tue, 10 Sep 2024 02:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13951
Expires: Tue, 10 Sep 2024 12:46:25 GMT
Date: Tue, 10 Sep 2024 08:53:54 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
49e3d04c2eb4d704e7e7c90e2dc519c0
33f04bc1c596585870c7b00e24bf9bef4d01dc8e
1a381b926d3ed1420dc33ec68eb8ff332a94ff175191a0564c07552b80c7a3d7

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A381B926D3ED1420DC33EC68EB8FF332A94FF175191A0564C07552B80C7A3D7"
Last-Modified: Tue, 10 Sep 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2238
Expires: Tue, 10 Sep 2024 09:31:12 GMT
Date: Tue, 10 Sep 2024 08:53:54 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9166ec047d1a1a5f81e7d3837eabbc9a
7ed1e5b331a854776d5c422d2ded1329b74c7044
63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7045
Expires: Tue, 10 Sep 2024 10:51:21 GMT
Date: Tue, 10 Sep 2024 08:53:56 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
9166ec047d1a1a5f81e7d3837eabbc9a
7ed1e5b331a854776d5c422d2ded1329b74c7044
63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7045
Expires: Tue, 10 Sep 2024 10:51:21 GMT
Date: Tue, 10 Sep 2024 08:53:56 GMT
Connection: keep-alive

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/icon.ico

104.21.93.27

200 OK

44 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/icon.ico
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (59743), with no line terminators
Size
44 kB (43461 bytes)
Hash
f79d7b2e81acbcdb5253090393d198e3
633145cf2a36e70a9e663588ff968b57d8a73cc0
90056965adfe9c63aa2252d2987c02cb80bb5eb4e73606574d90dbb4e7fa5584

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/icon.ico HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Qybw6%2F%2Bws6k52%2BWjxoiX0UqA%2BUcsD2eTSqlf7m88k3QKGp6eV9EgLP5ndow4fSHAQ0OQU3tXROoyHpUO11fZBw0HG5MpLPHhJC56HxxOeWT4g%2BB%2BzxyV%2BGEotlq4Kv5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bcaac262ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/image.png

104.21.93.27

200 OK

40 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/image.png
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (59743), with no line terminators
Size
40 kB (39931 bytes)
Hash
f79d7b2e81acbcdb5253090393d198e3
633145cf2a36e70a9e663588ff968b57d8a73cc0
90056965adfe9c63aa2252d2987c02cb80bb5eb4e73606574d90dbb4e7fa5584

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/images/image.png HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6mpkemIALlfk1N4fGUCHKa1wIZRqgz%2BxtKJzOotOv%2BLYj5AVA8UqkYm%2BT0DGkhaHUHyNScuv9qDaZlloTnbS04TKpghOHOHP81T2%2F3La6Qje4IhJiMousuSGZ%2FxZHfj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bbb9a462ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/download.png

104.21.93.27

200 OK

21 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/download.png
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type

Size
21 kB (21013 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/images/download.png HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rf%2Bb%2B6iDOigM056gKA5e54tAeOkXXxruo%2FGJPU41kIOXlQ%2BCxfNfSSVXVnRoHf6lCacCHj9ZLy3AVggFdSxcbbO88%2B897yHIkQdepclX0XKeOsZIgpspdKrOIxDZIMjU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bbb9ab62ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/discord.png

104.21.93.27

200 OK

28 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/discord.png
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type

Size
28 kB (27889 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/images/discord.png HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDAPE6dwcb7U%2BXiBF%2BYl7ct%2F2p8YIn6MXSVudZOyPmhqWmAXCTz6QK4YczRIdC4yo1v3cCHke9lHtfkHhuUf19p3MxAcSOuzkAI0jsaaQFxKHCE9ecNiSSd75g%2FBOJOB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bbb9ad62ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/telegram.png

104.21.93.27

200 OK

20 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/telegram.png
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type

Size
20 kB (19980 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/images/telegram.png HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFZQWK0R32SIfBADOOYg9dWXoWY02yk9o8Kr4INZKM1OnwBDqxPudl7EXMTRmfPk6bJ1Q2q6bSE%2FI6wRVN0kBWZ3uyMp%2FsGPx650YCLthcr3A3hjtl2Z9j03W0trgfFy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bbb9ae62ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/SanFranciscoPro.ttf

104.21.93.27

200 OK

60 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/SanFranciscoPro.ttf
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type

Size
60 kB (59795 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/SanFranciscoPro.ttf HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EBcWv6B%2BmcyfOoDJk6nXsmpfrRmtexR%2Ffbv1gEpBLCVjpA3Ae1G5Y2RT%2BqXHBaxPhF7iKVoNRlIfwLVAIPxoawUFvDq2g%2FKIGWzVlyTtPngggp9OZCzKzMF9JnYk3tdJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bbd9d162ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK

104.21.93.27

200 OK

60 kB

URL User Request GET HTTP/2
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type

Size
60 kB (59795 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 10 Sep 2024 08:53:54 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOFSVx4aw9LPTEr23zXutXfnPtciBZ%2FO9%2FiLQ4rzouwzJCubqweq5UA2rWi0K8%2BIfhi5aAoxJVCgbyBl3bwrrvR8JdXzSf%2FI70VGXpSoI8e2pOz3LrVc1ss3%2FYQJldRk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30b8fbbe0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/logo.png

104.21.93.27

200 OK

40 kB

URL GET HTTP/3
getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/images/logo.png
IP
104.21.93.27:443
ASN
#13335 CLOUDFLARENET

Requested by
https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
Certificate
IssuerGoogle Trust Services
Subjectgetsolara.dev
Fingerprint26:50:57:32:6A:D7:C1:89:08:DF:DE:19:98:61:7B:F3:85:D2:54:56
ValidityThu, 08 Aug 2024 01:59:02 GMT - Wed, 06 Nov 2024 01:59:01 GMT

File type

Size
40 kB (40068 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/endpoint.jsonChttps:/pastebin.com/raw/images/logo.png HTTP/1.1
Host: getsolara.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://getsolara.dev/api/endpoint.jsonChttps:/pastebin.com/raw/pjseRvyK
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 10 Sep 2024 08:53:55 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzGeqnTfDWNtaDz7Wn5DbANqOhnNUiZvoG6rkL4zD4wL3pgzo3n3ijvKRdkeMMzfczI2jzXUay7sqFYi9kHor42Qs8LYmJ3ntqUJRWOwNJEf7I12iSdp4TwQfYEsY%2BPi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2024 08:53:55 GMT
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 8c0e30bba9a262ff-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash