Report - zemos.ru/assessedk.php?y=dug&s=directrix

Report Overview

Visited public
2023-12-08 13:32:19
Tags
URL
zemos.ru/assessedk.php?y=dug&s=directrix
Finishing URL
meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
IP / ASN
31.28.24.244
#12616 Filanco LLC
Title
Knull damer nær deg i natt

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
meetyourhoney.life	unknown	unknown	No data	No data	5.9 kB	476 kB	185.155.184.85
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-08 07:43:19	584 B	2.5 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-08 07:46:22	1.1 kB	48 kB	216.58.207.227
zemos.ru	unknown	2005-03-27	2015-08-17 14:05:44	2023-09-21 00:55:36	792 B	3.2 kB	31.28.24.244

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-08 13:32:13	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:13	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:13	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:14	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-08 13:32:23	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed
2023-12-08	medium	meetyourhoney.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting	ScriptElement	665 B	2024-08-20	2024-08-20
Pretty URL meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen1 Hash c9b0ac1ed6bab1b929311a784534303e 4b5f6745b13dd7375bedcb7ebf3bd21b5dd096e2 3fd6cb3aae5dc3fad90ad39eca9880310ced077be13454374a9efa2a9a8b9088 Loading...

	meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 14:26 Times Seen4655055 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	meetyourhoney.life/cookie/js.cookie.js	ScriptElement	4.3 kB	2023-03-07	2025-05-06
Pretty URL meetyourhoney.life/cookie/js.cookie.js IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-06 04:18 Times Seen5899 Hash a7e9883924072f15259de6888d5ef515 7f4f6e5938e68f55aef81e0cd0145f008cd28382 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c Loading...

	meetyourhoney.life/util/utils.js	ScriptElement	7.5 kB	2023-03-07	2024-08-21
Pretty URL meetyourhoney.life/util/utils.js IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:44 Times Seen8808 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	meetyourhoney.life/media/dating/toon2/js/jquery-2.2.4.min.js	ScriptElement	86 kB	2023-03-07	2025-05-11
Pretty URL meetyourhoney.life/media/dating/toon2/js/jquery-2.2.4.min.js IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 13:52 Times Seen174135 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	meetyourhoney.life/media/bb.js	ScriptElement	639 B	2023-03-07	2025-03-17
Pretty URL meetyourhoney.life/media/bb.js IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-03-17 09:57 Times Seen12939 Hash 0d553e4bac91c74bfee2dbabba61e99e 5af71e2377c9c012a7826a695f2724901941b19b 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Loading...

	meetyourhoney.life/media/exit-new/exit1.js	ScriptElement	3.5 kB	2023-03-07	2025-03-17
Pretty URL meetyourhoney.life/media/exit-new/exit1.js IP 185.155.184.85 ASN #6898 SERVER.swiss Sagl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-03-17 09:57 Times Seen12781 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

HTTP Transactions (16)

URL IP Response Size

zemos.ru/assessedk.php?y=dug&s=directrix

31.28.24.244

1.3 kB

URL
zemos.ru/assessedk.php?y=dug&s=directrix
IP
31.28.24.244:0
ASN
#12616 Filanco LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (787), with CRLF line terminators
Size
1.3 kB (1311 bytes)
Hash
ae54c46d914753f69e4e29715adf38f6
7d5fa624a474402a8719e2f096cdfa0097c0dccc
bd0e713169e49510ca847043728e49c68b8a9388acaa8f543a4aefaef45a25f5

HTTP Headers

GET /assessedk.php?y=dug&s=directrix HTTP/1.1
Host: zemos.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.32
Last-Modified: Fri, 08 Dec 2023 12:32:04 GMT
Expires: Fri, 08 Dec 2023 13:02:04 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
Content-Encoding: gzip

zemos.ru/favicon.ico

31.28.24.244

1.2 kB

URL
zemos.ru/favicon.ico
IP
31.28.24.244:0
ASN
#12616 Filanco LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
994cf6f03ca5d66b9ac36a93ccfc1d67
0c30380efa2502c3cc8497f2d5dc264a4dbdae13
8bac5cc0747d1f4cd19da16cae6cb91597297fc08e898c385f7208c2744a67a9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: zemos.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zemos.ru/assessedk.php?y=dug&s=directrix
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:04 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 08 Mar 2023 11:16:50 GMT
ETag: "47e-5f661aa2e2109"
Accept-Ranges: bytes

meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting

185.155.184.85

7.2 kB

URL
meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (531), with CRLF line terminators
Size
7.2 kB (7215 bytes)
Hash
53a89555e038e1ec1d56d5a7b4b4f1cd
b2d56dda103769004b1f5f73b4d11687465f5d66
d8df263c42709bcb80aaf5cfb682b60418faf3aa52b05978e1d4b9f2d1484339

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zemos.ru/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:06 GMT
Content-Type: text/html
Content-Length: 7215
Connection: keep-alive
set-cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt; path=/
cache-control: private, no-transform

meetyourhoney.life/media/dating/toon2/css/animate.min.css

185.155.184.85

53 kB

URL
meetyourhoney.life/media/dating/toon2/css/animate.min.css
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
ASCII text, with very long lines (52592)
Size
53 kB (52789 bytes)
Hash
178b651958ceff556cbc5f355e08bbf1
97afa151569f046b2e01f27c1871646e9cd87caf
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/toon2/css/animate.min.css HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: text/css
Content-Length: 52789
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "178b651958ceff556cbc5f355e08bbf1"
Last-Modified: Mon, 20 Feb 2023 09:32:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179EDDD2DC8EE80C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843394#511755078/gid:0/gname:root/mode:33279/mtime:1655387458#958597404/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.958597404Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/media/dating/toon2/css/style.css

185.155.184.85

8.6 kB

URL
meetyourhoney.life/media/dating/toon2/css/style.css
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
ASCII text, with CRLF line terminators
Size
8.6 kB (8608 bytes)
Hash
549edaff59c582a6a3ca91f95c60ea71
a9edcba7d667efcfd812bcd413ccbdcb2b67cc88
b28722475035fc8fdc751034c2df8f49d66eb25cf28cf031c4e7357414a131da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/toon2/css/style.css HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: text/css
Content-Length: 8608
Connection: keep-alive
ETag: "549edaff59c582a6a3ca91f95c60ea71"
Last-Modified: Tue, 21 Nov 2023 12:30:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179EDDD2E79280CA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223378#43689163/gid:0/gname:root/mode:33279/mtime:1655387458#962597414/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.962597414Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/media/exit-new/exit1.js

185.155.184.85

200 OK

3.5 kB

URL GET HTTP/1.1
meetyourhoney.life/media/exit-new/exit1.js
IP
185.155.184.85:443
ASN
#6898 SERVER.swiss Sagl

Requested by
https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Certificate
IssuerLet's Encrypt
Subjectmeetyourhoney.life
FingerprintE1:14:10:C3:04:7C:D4:4E:46:B6:52:BE:9F:AA:AB:A3:20:DF:EB:A2
ValiditySun, 03 Dec 2023 04:23:09 GMT - Sat, 02 Mar 2024 04:23:08 GMT

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: text/javascript
Content-Length: 3473
Connection: keep-alive
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Tue, 21 Nov 2023 12:30:04 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179EDE3DE1C9678A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223389#507714946/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/cookie/js.cookie.js

185.155.184.85

4.3 kB

URL
meetyourhoney.life/cookie/js.cookie.js
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
ASCII text, with very long lines (1709), with CRLF line terminators
Size
4.3 kB (4264 bytes)
Hash
a7e9883924072f15259de6888d5ef515
7f4f6e5938e68f55aef81e0cd0145f008cd28382
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cookie/js.cookie.js HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: application/javascript
Content-Length: 4264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a7e9883924072f15259de6888d5ef515"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179EDDE1D0C733B2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/util/utils.js

185.155.184.85

7.5 kB

URL
meetyourhoney.life/util/utils.js
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: text/javascript
Content-Length: 7512
Connection: keep-alive
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Tue, 21 Nov 2023 12:30:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179EDE6D81F25205
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223579#380129542/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/media/bb.js

185.155.184.85

200 OK

639 B

URL GET HTTP/1.1
meetyourhoney.life/media/bb.js
IP
185.155.184.85:443
ASN
#6898 SERVER.swiss Sagl

Requested by
https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Certificate
IssuerLet's Encrypt
Subjectmeetyourhoney.life
FingerprintE1:14:10:C3:04:7C:D4:4E:46:B6:52:BE:9F:AA:AB:A3:20:DF:EB:A2
ValiditySun, 03 Dec 2023 04:23:09 GMT - Sat, 02 Mar 2024 04:23:08 GMT

File type
ASCII text, with very long lines (639), with no line terminators
Size
639 B (639 bytes)
Hash
0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/bb.js HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Mon, 20 Feb 2023 09:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 179EDE2C60906B36
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676832256#258761277/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/media/dating/toon2/js/jquery-2.2.4.min.js

185.155.184.85

86 kB

URL
meetyourhoney.life/media/dating/toon2/js/jquery-2.2.4.min.js
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
ASCII text, with very long lines (32065)
Size
86 kB (85578 bytes)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/toon2/js/jquery-2.2.4.min.js HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: text/javascript
Content-Length: 85578
Connection: keep-alive
ETag: "2f6b11a7e914718e0290410e85366fe9"
Last-Modified: Tue, 21 Nov 2023 12:30:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179EDDD2EEFFC885
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223378#91689271/gid:0/gname:root/mode:33279/mtime:1655387458#954597395/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.954597395Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

meetyourhoney.life/media/dating/toon2/images/123.jpg

185.155.184.85

200 OK

179 kB

URL GET HTTP/1.1
meetyourhoney.life/media/dating/toon2/images/123.jpg
IP
185.155.184.85:443
ASN
#6898 SERVER.swiss Sagl

Requested by
https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Certificate
IssuerLet's Encrypt
Subjectmeetyourhoney.life
FingerprintE1:14:10:C3:04:7C:D4:4E:46:B6:52:BE:9F:AA:AB:A3:20:DF:EB:A2
ValiditySun, 03 Dec 2023 04:23:09 GMT - Sat, 02 Mar 2024 04:23:08 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1069, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=620], progressive, precision 8, 620x1032, components 3\012- data
Size
179 kB (179176 bytes)
Hash
a2d245e1c43c61ca34bea001510dd6d9
7a7e0dbf8bb132958fecd093e6741ffe49d060b5
f6113b1f6bdd279404fd53c920f6ba411b66a897db4c67e16d2129af22370a57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/toon2/images/123.jpg HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: image/jpeg
Content-Length: 179176
Connection: keep-alive
ETag: "a2d245e1c43c61ca34bea001510dd6d9"
Last-Modified: Wed, 20 Sep 2023 15:22:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179EDDD30D0F7BAF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134506#144014750/gid:0/gname:root/mode:33279/mtime:1655387458#958597404/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.958597404Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext

142.250.74.106

1.9 kB

URL
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
1.9 kB (1913 bytes)
Hash
58aca5bce132495e4e2d70b2659efb73
808c874810311878afd0e8c9f53997132a74a21d
215d5d4a0582cc6c80aa14b421e7957f7d41fbe77c3a79502334d934a750e8de

HTTP Headers

GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 13:32:07 GMT
date: Fri, 08 Dec 2023 13:32:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

meetyourhoney.life/media/dating/toon2/images/bg.jpg

185.155.184.85

120 kB

URL
meetyourhoney.life/media/dating/toon2/images/bg.jpg
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=660, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1279], progressive, precision 8, 1279x660, components 3\012- data
Size
120 kB (119754 bytes)
Hash
842a5629f17ec8342230aa12ea32291a
0f2390a3eda1a71d676f1cd1866956fef8e77090
1c7361fcec43aecb4c517914dde9ecbf1fe1aaa0969411a7a383391236f335f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /media/dating/toon2/images/bg.jpg HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/media/dating/toon2/css/style.css
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Content-Type: image/jpeg
Content-Length: 119754
Connection: keep-alive
ETag: "842a5629f17ec8342230aa12ea32291a"
Last-Modified: Tue, 21 Nov 2023 12:30:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Amz-Request-Id: 179EDE4C7CABE931
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1695223378#83689252/gid:0/gname:root/mode:33279/mtime:1655387458#958597404/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:58.958597404Z
Expires: Sat, 07 Dec 2024 13:32:07 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meetyourhoney.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:49:49 GMT
expires: Fri, 06 Dec 2024 15:49:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 78138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

24 kB

URL
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meetyourhoney.life
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:33 GMT
expires: Fri, 06 Dec 2024 15:40:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 78694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

meetyourhoney.life/favicon.ico

185.155.184.85

0 B

URL
meetyourhoney.life/favicon.ico
IP
185.155.184.85:0
ASN
#6898 SERVER.swiss Sagl

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: meetyourhoney.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetyourhoney.life/?u=y2ykaew&o=2xzp89r&m=1&t=0812&utm_source=relenting
Cookie: sid=t1~zreuod3la1y2jqkgn04h5vnt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 08 Dec 2023 13:32:07 GMT
Connection: keep-alive
Cache-Control: no-transform

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN