Report - cheginter.xyz/1Vr/7.html

Report Overview

Submitted URL
cheginter.xyz/1Vr/7.html
IP
45.141.156.111
ASN
#206776 Ophidian Network Limited
Submitted
2024-04-19 08:31:21
Access
public
Website Title
McAfee Total Protection
Final URL
cheginter.xyz/1Vr/7.html
Tags
fake_software scam
urlquery detections
Scam - Fake AntiVirus / Security software

Detections

urlquery
31
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-19	489 B	36 kB	142.250.74.74
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-04-18	1.8 kB	121 kB	172.67.142.245
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-18	1.1 kB	7.3 kB	142.250.74.131
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-04-18	1.7 kB	76 kB	142.250.74.170
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-04-18	527 B	2.2 kB	142.250.74.42
translate.google.com	1156	1997-09-15	2012-05-30	2024-04-18	447 B	90 kB	216.58.211.14
cheginter.xyz	unknown	unknown	No data	No data	7.8 kB	84 kB	45.141.156.111
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	428 B	32 kB	142.250.74.42
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	2.6 kB	200 kB	216.58.207.227
threatdetect.org	unknown	2022-01-28	2022-01-28	2024-03-24	474 B	605 B	172.67.177.232

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	use.fontawesome.com/f182237388.js	9.5 kB	2023-03-08	2024-05-01
Pretty URL use.fontawesome.com/f182237388.js IP 172.67.142.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:08:25 Last Seen2024-05-01 17:04:19 Times Seen174 Hash 642925e489914ab3dd425cb843636667 b1e9f31c4ef9543e82467d88db7b63933cd67556 5fc81f26f3ae5cce9fffb7bf98e91a71210defe0a685ba8eff16ce863524a131 Loading...

	cheginter.xyz/1Vr/files/script/lang.js	1.2 kB	2023-03-07	2024-05-01
Pretty URL cheginter.xyz/1Vr/files/script/lang.js IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-01 17:04:18 Times Seen734 Hash fcd546809170dd574eb37b989529f69a 2e227e144e3b4bd68064354d8a7fbc61125f624c 350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920 Loading...

	cheginter.xyz/_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=wA/d=1/rs=AN8SPfrkpg-EPqdqrxXrsphCqC0dwlBKLA/m=el_conf	90 kB	2024-04-19	2024-04-19
Pretty URL cheginter.xyz/_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=wA/d=1/rs=AN8SPfrkpg-EPqdqrxXrsphCqC0dwlBKLA/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 10:31:27 Last Seen2024-04-19 10:31:28 Times Seen2 Hash be1640fbf4a7115f5e9a903b430d3fe4 c970db2b9a955280e338eaa360bce93869a76070 c14e67efd28521211ab050f230294614a2f2b6a2971aa4f07ee4f1222962e04b Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrSsVi-Sc6-6LuIDw-e85d_nZgEvg/m=el_main	213 kB	2024-04-16	2024-04-22
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrSsVi-Sc6-6LuIDw-e85d_nZgEvg/m=el_main IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 07:53:23 Last Seen2024-04-22 21:37:55 Times Seen105 Hash 4bb91f7d3340c67fbc422fe923cb4ce4 aa81f4daf848d66f92f853be4bb57333694b2712 2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-02
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-02 06:17:03 Times Seen140739 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cheginter.xyz/1Vr/files/script/smart.js	2.2 kB	2023-03-07	2024-05-01
Pretty URL cheginter.xyz/1Vr/files/script/smart.js IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-01 17:04:19 Times Seen681 Hash c9e9a54501fc6f6e8918b2c0f2a53981 3d530e6c830ccba6284e79c7245bb45d6f4f2197 491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454 Loading...

	cheginter.xyz/1Vr/files/script/myjs.js	28 kB	2024-01-13	2024-05-01
Pretty URL cheginter.xyz/1Vr/files/script/myjs.js IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-13 18:24:24 Last Seen2024-05-01 17:04:19 Times Seen73 Hash fa04de86f93eea8c293ebd5deaa2f24c a8263346bf28a871663c3fad0ccf3b2fd3535d59 07001440eba0edc2e9b746d1fbd1eb288d9b6e4243b38a3f181690f18089222b Loading...

	cheginter.xyz/1Vr/7.html	38 B	2023-10-31	2024-05-01
Pretty URL cheginter.xyz/1Vr/7.html IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 06:51:57 Last Seen2024-05-01 17:04:18 Times Seen104 Hash 518779926bc5658ade8df84ea2f8b0e9 197b9ce340aae95551312b3ca7d41902e8c1ca53 854037d3c6e773ef2e0a8dc82efd78c0d9bca0bdbb62a92fb324c12e831cb16b Loading...

HTTP Transactions (36)

URL IP Response Size

cheginter.xyz/1Vr/files/images/favicon.png

45.141.156.111

200 OK

2.8 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/favicon.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 50 x 58, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2848 bytes)
Hash
cae02ab1f905c5e7f46295e78895c132
0ad7b4107ce7b997bf709dc1ff252d1b537ec674
159d846c9bdea2230f04d4f2f04c10fefff91d023539e761f4e91da0c0ca9829

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/favicon.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 2848
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-b20"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/icon_1.png

45.141.156.111

200 OK

1.1 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/icon_1.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1137 bytes)
Hash
d4d69630de198f952456bd95946cff99
63666fc0c400af0789069bcf8fb5ec3092e3c7b5
3bc79b2b43c6496e7be7ea2cc22838c9e14bd7d4ab27d049d8a01a6423607e87

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/icon_1.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 1137
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-471"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/icon_2.png

45.141.156.111

200 OK

2.4 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/icon_2.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2431 bytes)
Hash
fd22397dfe5d6d7349164ce82847fd53
dcc678c0c3c6d91d88b021081f280377fa65ee01
3c6902c5acb08e21fef1afb46bcf770245b6b942f0613d8063a5032065c4d317

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/icon_2.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 2431
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-97f"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/together.png

45.141.156.111

200 OK

7.9 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/together.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 122 x 34, 8-bit/color RGBA, non-interlaced
Size
7.9 kB (7907 bytes)
Hash
54586abdf290194d7ae038a0455ea8ab
72d36e7a2d9c8b0522313c00eaf49f8385d260ab
021f210aa8754996bd01111c47a2c9e8bca5c491b74485193243801e17d6ba36

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/together.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 7907
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-1ee3"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/atten.png

45.141.156.111

200 OK

2.5 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/atten.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2453 bytes)
Hash
73ee5f5a65419cdae683e3ce557667c5
c63479fd67f9bcf0ff867e518ed12dbb223929fb
beaf85377ddd403e8beb6772e27ef87608e0da79d09e3080798c339d9b822135

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/atten.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 2453
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-995"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/icon_3.png

45.141.156.111

200 OK

1.0 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/icon_3.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.0 kB (1010 bytes)
Hash
118f0c5583f13e7f2e42ac3c34d54a4a
aca14f746b4889df053494c8fa043f8a4b22a511
746872277e95c813f0720fb138d445af664d09b0e9968bb2dfc453a4f30f75da

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/icon_3.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 1010
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-3f2"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/icon_4.png

45.141.156.111

200 OK

1.3 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/icon_4.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1288 bytes)
Hash
d4ce6e3f44d5ddcc50f3f1e88107b886
1b1969cff7e88bce4b1196551d6a44bef0ef6dcf
2d21436c30be8369abd4dcbf6b26d1c5d9db2f039c398d5c8aeba3db93d7d7a5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/icon_4.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 1288
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-508"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/action_1.gif

45.141.156.111

200 OK

69 B

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/action_1.gif
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
GIF image data, version 89a, 16 x 16
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/action_1.gif HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/gif
content-length: 69
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-45"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/action_2.gif

45.141.156.111

200 OK

377 B

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/action_2.gif
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
GIF image data, version 89a, 16 x 16
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/action_2.gif HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/gif
content-length: 377
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-179"
accept-ranges: bytes
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/action_3.gif

45.141.156.111

200 OK

234 B

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/action_3.gif
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
GIF image data, version 89a, 16 x 16
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/action_3.gif HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/gif
content-length: 234
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-ea"
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.42

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:51:04 GMT
expires: Thu, 17 Apr 2025 10:51:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 164391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 107755
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 107755
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 107755
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 107755
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2

172.67.142.245

200 OK

77 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 35764
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjI64EbLlQN7cAhgQz9fuu0TfbYjUM8PolQJuzhj%2BWUUOtB00YcHoJ%2Fo%2B9eARJh%2FD90lNi15yaLD6cR5HVml1nNDRyA3xcqQH5Y7EmYIDirPUqMhUtQqqCmy%2BDupBanjC6zfohnt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b890e8e165699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/favicon.png

45.141.156.111

200 OK

2.8 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/favicon.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
PNG image data, 50 x 58, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2848 bytes)
Hash
cae02ab1f905c5e7f46295e78895c132
0ad7b4107ce7b997bf709dc1ff252d1b537ec674
159d846c9bdea2230f04d4f2f04c10fefff91d023539e761f4e91da0c0ca9829

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/favicon.png HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/png
content-length: 2848
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
etag: "65eeaca5-b20"
accept-ranges: bytes
X-Firefox-Spdy: h2

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css

142.250.74.131

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:56:48 GMT
expires: Wed, 16 Apr 2025 09:56:48 GMT
cache-control: public, max-age=31536000
age: 254047
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrSsVi-Sc6-6LuIDw-e85d_nZgEvg/m=el_main

142.250.74.170

200 OK

74 kB

URL GET HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrSsVi-Sc6-6LuIDw-e85d_nZgEvg/m=el_main
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2333)
Size
74 kB (73503 bytes)
Hash
4bb91f7d3340c67fbc422fe923cb4ce4
aa81f4daf848d66f92f853be4bb57333694b2712
2244a4c055184acc3ee54d04f44cde9f71829b12a6adc7ad0956e76eb48c072a

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.UA-j_uYmzls.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfrSsVi-Sc6-6LuIDw-e85d_nZgEvg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73503
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 19:23:38 GMT
expires: Fri, 18 Apr 2025 19:23:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 21:12:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 47238
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

3.3 kB

URL GET HTTP/3
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:52:46 GMT
expires: Wed, 16 Apr 2025 09:52:46 GMT
cache-control: public, max-age=31536000
age: 254290
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.131

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 13:46:06 GMT
expires: Fri, 18 Apr 2025 13:46:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 67490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.42

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 19 Apr 2024 08:30:56 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=NqdIhd26dSpsCRun2bCoNn-S34V31WzdcHi22YNc2BLz6ICYbqkQ0KpfdXYq8243Amk5qhG8hlHid_bwAJSxI3Qd6vqeDu5vKAXWRc1YpdCZR9armBmLKPFvs3ivURo_Z2MmLUTVhyHdTAHHcYSb-fyQtwm56DtPA-0GAoPPJEY; expires=Sat, 19-Oct-2024 08:30:56 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Fri, 19 Apr 2024 08:30:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.170

200 OK

0 B

URL OPTIONS HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://cheginter.xyz/
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://cheginter.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 19 Apr 2024 08:31:06 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.170

200 OK

131 B

URL OPTIONS HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cheginter.xyz/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1179
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://cheginter.xyz
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 19 Apr 2024 08:31:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.fontawesome.com/f182237388.css

172.67.142.245

200 OK

1.0 kB

URL GET HTTP/2
use.fontawesome.com/f182237388.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1054), with no line terminators
Size
1.0 kB (1033 bytes)
Hash
38ab6981f2d275f63d6a5e13e551e2ae
fed5822d1194a5965a5012005fa4dafd5be9ae2e
b029b512b28b1f42efe25a07a756b0d6bd97a071e0845129c8fae7fe288c18a8

HTTP Headers

GET /f182237388.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: text/css
etag: W/"c34c69a9993e345a33d3899b6f063f04"
last-modified: Fri, 22 Sep 2023 01:40:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BpIuAwGle6Ryh5EioUYq%2Bg04i4YisXce7t4kP9D6DakFsKjfQzkp76kZOgEeDGAKFtBeBt2TWbhFHhEp5AS6H7%2BGUAlhKWUcVhQV9BfSnVKxBtnv8AyUmm%2BghJ7aFiG0e6WbZM3f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b890cac305699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css

172.67.142.245

200 OK

30 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30343)
Size
30 kB (30344 bytes)
Hash
36082410df2ef7f83932219089dc1443
7961402d7d01e19387fe609a38454b0bc8c6cca4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

HTTP Headers

GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/f182237388.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2072393
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xp83zb0GIssp3iU%2FEFzLUQGSozL%2BvT0Ub6sWL%2BtPJeI6GvRacgAyjRnfraSh5eQ4EaQ4C3JKnaZ4nO4Nzv%2Fgz1zFyBABq9J%2F2ZKGevWoL0Nwnphs%2Fq8YNnMSEg7fD2hPCel8lDYy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b890d4cb95699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/script/myjs.js

45.141.156.111

200 OK

28 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/script/myjs.js
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type

Size
28 kB (28271 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/script/myjs.js HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: application/javascript
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
vary: Accept-Encoding
etag: W/"65eeaca5-6e6f"
content-encoding: gzip
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

90 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type
JavaScript source, ASCII text, with very long lines (2064)
Size
90 kB (89739 bytes)
Hash
be1640fbf4a7115f5e9a903b430d3fe4
c970db2b9a955280e338eaa360bce93869a76070
c14e67efd28521211ab050f230294614a2f2b6a2971aa4f07ee4f1222962e04b

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 08:30:55 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/script/smart.js

45.141.156.111

200 OK

2.2 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/script/smart.js
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
JavaScript source, ASCII text, with very long lines (2304), with no line terminators
Size
2.2 kB (2198 bytes)
Hash
79218c8e4d6b9589da61b4daddd1d721
c8bdf2b44db9327ac24f0d02e2aa0bfc69097ab5
db4e31aaf6f2022d9cd8c052537ee237b0b69cd49ab27d6d29913bf401b1ea5a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/script/smart.js HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: application/javascript
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
vary: Accept-Encoding
etag: W/"65eeaca5-896"
content-encoding: gzip
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/script/lang.js

45.141.156.111

200 OK

1.2 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/script/lang.js
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
JavaScript source, ASCII text, with very long lines (1223), with no line terminators
Size
1.2 kB (1157 bytes)
Hash
00d68d5fcbe959205761ae2eb92bda5a
e70670eba70fd9428d8ee7d8acacea623bd72d4f
994454fb2f960994c4f0721e63734138eb06498b18f1236e39d4c66de579b054

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/script/lang.js HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: application/javascript
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
vary: Accept-Encoding
etag: W/"65eeaca5-485"
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/f182237388.js

172.67.142.245

200 OK

9.5 kB

URL GET HTTP/2
use.fontawesome.com/f182237388.js
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9731), with no line terminators
Size
9.5 kB (9496 bytes)
Hash
2cacb88151a513dc4eaf4bde78faff7b
a4c63129b001af45bd8c1e60a462a87edd9be8e9
2cfdf34668c0492fe9303c1210943aa7f4a5353e4674812bb96c79542802ebf7

HTTP Headers

GET /f182237388.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: text/javascript
etag: W/"642925e489914ab3dd425cb843636667"
last-modified: Fri, 22 Sep 2023 01:40:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S1mP6uco9VEafZX%2BzT4%2FeqQpmGlYJaOYvgi4VME6ACRQkvI3zNdLQ2cQtGje5TmbFrrJMA2gwKJJGIyaJ5MxAumt7BkBy9BArPou9UJoTEgsMnmnKxvLZ%2FG7yLXJHc4Y1Qbo2vag"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b890b3a9a5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/styles/default.css

45.141.156.111

200 OK

9.7 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/styles/default.css
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
ASCII text, with very long lines (10927), with no line terminators
Size
9.7 kB (9709 bytes)
Hash
640b6171ca7e770c12fbcd0b57d95a06
1763411ddd0f9431f926f6c89b8ae826a3c99925
a7109b8a7d6f82c14c6cddef82889d7ad2c9cacbaf42ffba55eece9d8a70b160

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/styles/default.css HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: text/css
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
vary: Accept-Encoding
etag: W/"65eeaca5-25ed"
content-encoding: gzip
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/files/images/logo.svg

45.141.156.111

200 OK

1.3 kB

URL GET HTTP/2
cheginter.xyz/1Vr/files/images/logo.svg
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1296 bytes)
Hash
26294084ef87524fa4a6f79e5e599730
47a669784052d4af34248560e41ec3aa54e12a14
fcf080b7e6aa7b01afdc884311ea1958df1e8ae865b52e8861222cbd363a3e99

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/files/images/logo.svg HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/1Vr/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: image/svg+xml
last-modified: Mon, 11 Mar 2024 07:03:01 GMT
vary: Accept-Encoding
etag: W/"65eeaca5-510"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap

142.250.74.74

200 OK

35 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
35 kB (35102 bytes)
Hash
182576db773a08b463febf1b07aa0e2f
b868a708dae6373057a7732089e6093b67243774
626507f0b1a1d350bed3be0e5776dbcaad507a31356d23ba5ad189c1230a3c59

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 08:30:55 GMT
date: Fri, 19 Apr 2024 08:30:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

threatdetect.org/fonts/?font=aHR0cHM6Ly9jaGVnaW50ZXIueHl6LzFWci83Lmh0bWw=

172.67.177.232

200 OK

0 B

URL GET HTTP/2
threatdetect.org/fonts/?font=aHR0cHM6Ly9jaGVnaW50ZXIueHl6LzFWci83Lmh0bWw=
IP
172.67.177.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cheginter.xyz/1Vr/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectthreatdetect.org
FingerprintF6:23:B8:9E:08:03:83:36:F4:82:1C:31:29:E6:F5:FC:ED:66:02:14
ValidityThu, 18 Apr 2024 10:28:31 GMT - Wed, 17 Jul 2024 10:28:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/?font=aHR0cHM6Ly9jaGVnaW50ZXIueHl6LzFWci83Lmh0bWw= HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cheginter.xyz
DNT: 1
Connection: keep-alive
Referer: https://cheginter.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 08:30:55 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LELfA7MvIZwODG%2FP%2BMm4QM5tKyCtXIgAFjUNK1E%2FnjJV80eCtnuMDvPIAavTWVWHBBpSzRI8TwjWFURQn2%2FS1W5ePrprB08CS%2BwSvzC9LM2XOYNOMulKiecW0Y2%2BA%2Fe2Rqx6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876b890d3c0156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cheginter.xyz/1Vr/7.html

45.141.156.111

200 OK

15 kB

URL User Request GET HTTP/2
cheginter.xyz/1Vr/7.html
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Certificate
IssuerLet's Encrypt
Subjectcheginter.xyz
Fingerprint6A:44:13:68:7B:38:FD:18:C0:8B:F2:C6:B9:DA:D1:A5:9B:FF:E6:04
ValidityMon, 15 Apr 2024 08:02:02 GMT - Sun, 14 Jul 2024 08:02:01 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
15 kB (14583 bytes)
Hash
624add1cad4c0f4c381c1752de8a9de6
3550de117c31536be411808b27c0a2ea26ca5c5a
9fd1b4490b862fb395119640fd2865a7b0aafe61850c12a0a776383ab1bc4733

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /1Vr/7.html HTTP/1.1
Host: cheginter.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 08:30:54 GMT
content-type: text/html
last-modified: Mon, 11 Mar 2024 07:02:59 GMT
vary: Accept-Encoding
etag: W/"65eeaca3-38f7"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML