Report - uploaded-files.zip

Report Overview

Submitted URL
uploaded-files.zip
IP
104.21.55.143
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 23:17:44
Access
public
Website Title
Home | nest.rip
Final URL
nest.rip/?ref=viewer
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.nest.rip	unknown	2022-01-26	2022-07-20	2024-04-15	7.8 kB	10 MB	188.114.96.1
uploaded-files.zip	unknown	unknown	No data	No data	473 B	597 B	188.114.97.1
o1377474.ingest.sentry.io	unknown	2012-04-07	2023-07-11	2024-01-27	1.2 kB	1.1 kB	34.120.195.249
nest.rip	unknown	unknown	2022-02-12	2024-03-23	7.1 kB	1.8 MB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed
2024-04-25	medium	nest.rip	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	nest.rip/_next/static/chunks/webpack-d5182cb0ee7ca713.js	5.9 kB	2024-04-26	2024-05-03
Pretty URL nest.rip/_next/static/chunks/webpack-d5182cb0ee7ca713.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:13:19 Last Seen2024-05-03 00:22:37 Times Seen4 Hash 74ff0c81a6e026b5b6f64ab2f6b222d5 ce07a0d5ddadec8b2df45ef9339c4901d758cc8e 09fe282fe5618037756e54f953264182b46ee0a8cbc8e797d37674a46fe5f11c Loading...

	nest.rip/_next/static/chunks/framework-314c182fa7e2bf37.js	140 kB	2024-01-10	2024-05-03
Pretty URL nest.rip/_next/static/chunks/framework-314c182fa7e2bf37.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-10 10:50:52 Last Seen2024-05-03 00:22:38 Times Seen33 Hash 5bd298c20954c2772f8ad65ca27c4eae 72b0e21afa49c51796d11b630303514efa02c865 d3d2829d5775394638e8ba87d83bb5e42b77a5248aaf6b2ffbf0457e079f0be4 Loading...

	nest.rip/_next/static/chunks/pages/_app-5b4adf06232fc9cd.js	788 kB	2024-04-26	2024-05-03
Pretty URL nest.rip/_next/static/chunks/pages/_app-5b4adf06232fc9cd.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:13:19 Last Seen2024-05-03 00:22:38 Times Seen5 Hash 7e44f89b3d52b5b794ea28b76e572f9c 3f6ebd3e6adac67ec51a788ae9c946d65903eb5a 9e12f20071e30bea9a6d7faf35b2469773829ba6ff4459bdd8441bbec110473c Loading...

	nest.rip/_next/static/chunks/252f366e-e6ab085e72168946.js	2.0 kB	2023-07-23	2024-05-03
Pretty URL nest.rip/_next/static/chunks/252f366e-e6ab085e72168946.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-23 13:10:51 Last Seen2024-05-03 00:22:38 Times Seen5 Hash 6e0a40b701e73d4495fc18ce2af0c25a 6a9cccf1a6e0bd4137145a56f807a62acabacd8d 7d872d6bcd155302364744fad114a238211d708689020c7aa78fded4049cd02d Loading...

	nest.rip/_next/static/chunks/pages/index-f00673a69fd8e1aa.js	6.2 kB	2024-04-26	2024-05-03
Pretty URL nest.rip/_next/static/chunks/pages/index-f00673a69fd8e1aa.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:13:19 Last Seen2024-05-03 00:22:38 Times Seen5 Hash e20a1b33176efe454fd9413a91ca3012 cf0d728e51bc9a9798bf28b900989dad2c83434b d3c5fb1e8567f0f92c12a133161251b1c5e18b2ce1b98e5f550e38f4c3193d0a Loading...

	nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_buildManifest.js	3.9 kB	2024-04-26	2024-05-03
Pretty URL nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_buildManifest.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:13:19 Last Seen2024-05-03 00:22:37 Times Seen3 Hash 78ee8cdcea7773dc03d18c65f58ec0f1 118e1388c91fbf83784421c1a6e690a762fbf7f6 ef1ec2cdaeaa61a316766a37167c4c0b6757cf0f5a730ce35cfb6a6e242ca349 Loading...

	nest.rip/_next/static/chunks/main-84820d2644612ea9.js	109 kB	2024-04-26	2024-05-03
Pretty URL nest.rip/_next/static/chunks/main-84820d2644612ea9.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:13:19 Last Seen2024-05-03 00:22:38 Times Seen5 Hash b257acb41d52390cfcde9125882da05e 802146d57f116c1e663054f294efe2fa657ccd47 a9519209117c7dc0cd7cdf90714a1c2fcc194c7c1185b9e9ceb42ea2c26c9f13 Loading...

	nest.rip/_next/static/chunks/3151-45d3dc4ef1d6d1cc.js	30 kB	2024-04-26	2024-05-03
Pretty URL nest.rip/_next/static/chunks/3151-45d3dc4ef1d6d1cc.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 01:13:19 Last Seen2024-05-03 00:22:37 Times Seen4 Hash 44be2fdcddc91771de6fe436cb526ac2 b0ffaa7a30dc22f880b1676d2008d5ed9ed9b2d5 e79dbdcb7ece0664249509a55c891ae9b146774a5218aa57985eb46778dc88fd Loading...

	nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_ssgManifest.js	77 B	2023-03-07	2024-05-05
Pretty URL nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_ssgManifest.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-05-05 19:55:40 Times Seen85813 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

HTTP Transactions (36)

URL IP Response Size

uploaded-files.zip/

188.114.97.1

302 Found

0 B

URL User Request GET HTTP/2
uploaded-files.zip/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectuploaded-files.zip
FingerprintED:08:A0:38:B0:B0:A7:84:9A:40:06:E3:0F:2D:A8:6F:2B:4B:62:A1
ValiditySun, 31 Mar 2024 11:49:37 GMT - Sat, 29 Jun 2024 11:49:36 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: uploaded-files.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 25 Apr 2024 23:17:16 GMT
content-length: 0
location: https://nest.rip/?ref=viewer
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kXLqxNW6F3%2BBtr9YqsZLwTHnyYX33zyGyn9%2Bbb4mqQG2AFH8JRyH0sZNwchoQCfdgq%2Bq%2F12HgYveGCiuPPv%2F370Xyx6dQuSVlkPice9LsZn00%2FGJbSxLxy9lzyGHAwgFjm8AxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bac3e8b56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

o1377474.ingest.sentry.io/api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0

34.120.195.249

200 OK

2 B

URL POST HTTP/2
o1377474.ingest.sentry.io/api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0
IP
34.120.195.249:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerDigiCert Inc
Subjectingest.sentry.io
Fingerprint60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0 HTTP/1.1
Host: o1377474.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nest.rip/
Content-Type: text/plain;charset=UTF-8
Content-Length: 429
Origin: https://nest.rip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nest.rip/apple-touch-icon.png

188.114.96.1

200 OK

1.6 kB

URL GET HTTP/3
nest.rip/apple-touch-icon.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
1.6 kB (1607 bytes)
Hash
c647b64982049b98716b0b868db6ee36
7c17e563226934db73b7072af903dde4f44a6a1c
4f8ed7ffc57e043e38685071d27fffcc567504bf47f7bedc7d77973388a6d013

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /apple-touch-icon.png HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/png
content-length: 1607
cache-control: public, max-age=0
last-modified: Sun, 04 Feb 2024 16:10:53 GMT
etag: W/"647-18d74e30de9"
cf-cache-status: HIT
age: 266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhOqALVk%2BiuTp7XUgNQLX8vvfTijVaQyyq7w8CqaLFxXhCybqnf11Clir0Q6aPmqvQYChWWzcPdbElEB3bGNz%2FH9oyh9sqJlMKT3DjZA0%2FyT62GQ2S5%2F5oEFOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20bb2cc325684-OSL
alt-svc: h3=":443"; ma=86400

nest.rip/favicon-16x16.png

188.114.96.1

200 OK

271 B

URL GET HTTP/3
nest.rip/favicon-16x16.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
271 B (271 bytes)
Hash
81c32654b68b2a30004d4e0fca7272f7
64d7fd882612bc81387ae45b41d60a0c3116390d
14ef296d4813bf0015d77552aed18d146a8b84b8c208fed2a9394c986d3b381c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon-16x16.png HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/png
content-length: 271
cache-control: public, max-age=0
last-modified: Sun, 04 Feb 2024 16:10:53 GMT
etag: W/"10f-18d74e30ded"
cf-cache-status: HIT
age: 266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aZpNM2BWbPYXgN20Qp%2F7PIb4L7t6YKRILx6sDCmja6JVklHym7syJzvwaAyxkUcFD%2BsGTQdn79pNV4S6FRJ%2Fn4R%2FBqDot202xY9VRQVJdUyFLSNdOm64CRZmFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20bb2dc355684-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/24a2805c-f433-4531-9c17-53d078807656.png

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
cdn.nest.rip/avatars/24a2805c-f433-4531-9c17-53d078807656.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced
Size
2.9 kB (2872 bytes)
Hash
772aa709423494dba2e436c8df1fe643
c89753dd9d4eaca510eedac17cd0e485b8cca17f
6d34bedb72ec3f2dc15085747d365fbb3f34319d5b549a8776438b92853344b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/24a2805c-f433-4531-9c17-53d078807656.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/png
content-length: 2872
content-disposition: filename="default_profile_400x400.png"
content-security-policy: block-all-mixed-content
etag: "772aa709423494dba2e436c8df1fe643"
last-modified: Mon, 03 Oct 2022 12:50:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B71238A40C46
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: f9ed1e55-789c-437f-bcd2-412fc16d78e8
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEFX7BYwGfvJx6T9NndAErsp1xxP%2BFlVM9vSJLzxxlAAQKdd90aevujDQQ0Q7hdWEomG6GCxO5iauKqv%2B6enQFQOWCVKE%2Fvd4RAMSZASi83ZJfhOvnH8j%2B2fHJFUKLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb2fc415684-OSL
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/chunks/3151-45d3dc4ef1d6d1cc.js

188.114.96.1

200 OK

65 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/3151-45d3dc4ef1d6d1cc.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JavaScript source, ASCII text, with very long lines (30426), with no line terminators
Size
65 kB (65044 bytes)
Hash
44be2fdcddc91771de6fe436cb526ac2
b0ffaa7a30dc22f880b1676d2008d5ed9ed9b2d5
e79dbdcb7ece0664249509a55c891ae9b146774a5218aa57985eb46778dc88fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3151-45d3dc4ef1d6d1cc.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"76da-18d74ee6c06"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2gxu6%2B2cYVmIOQI50vO3giheRIyzBrY6YHau0l6NIYo25ul7JKplezD5%2FqNurEyonABUkYUVO8%2B%2BUT6mD1CQ67gutJnbgQN4%2B4rioOzxOdhwKaLlKLLXFvIFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a865684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/24a2805c-f433-4531-9c17-53d078807656.png

188.114.96.1

200 OK

2.9 kB

URL GET HTTP/3
cdn.nest.rip/avatars/24a2805c-f433-4531-9c17-53d078807656.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 400 x 400, 8-bit colormap, non-interlaced
Size
2.9 kB (2872 bytes)
Hash
772aa709423494dba2e436c8df1fe643
c89753dd9d4eaca510eedac17cd0e485b8cca17f
6d34bedb72ec3f2dc15085747d365fbb3f34319d5b549a8776438b92853344b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/24a2805c-f433-4531-9c17-53d078807656.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/png
content-length: 2872
content-disposition: filename="default_profile_400x400.png"
content-security-policy: block-all-mixed-content
etag: "772aa709423494dba2e436c8df1fe643"
last-modified: Mon, 03 Oct 2022 12:50:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B71238A40C46
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: f9ed1e55-789c-437f-bcd2-412fc16d78e8
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6wYXL5oZ%2Fj6Z4gZw7lH7chk%2BPV4AnFuTAIFS%2FGcEiPEKjmBQUEQ3sMnEKOKD59c3qAO2jzYSVMQ5Tlv4okYEqcWn6audHIvpQldYdgVS6P71ciNszIIO9koj5I%2FVcn8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb37839b503-OSL
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_ssgManifest.js

188.114.96.1

200 OK

707 kB

URL GET HTTP/3
nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_ssgManifest.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
ASCII text, with no line terminators
Size
707 kB (706596 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/rK_eH3QvswHtsP61LIIPb/_ssgManifest.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"4d-18d74ee6bfe"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKxAIlop%2FcI5e0Drg8nrFI0vPyxRMZYO7%2Bu2PKSIG0ionJgoTXbQZGKxT7wHDhBOcnp6fjxJNklrpUKtm8HewEt8iuGxwqHv7vspkdq%2F3nZauZyfJuZQ%2Fk1Oqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf5a8c5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/68a1bdb3-5036-4b8d-9197-cbbf1841919c.png

188.114.96.1

200 OK

33 kB

URL GET HTTP/3
cdn.nest.rip/avatars/68a1bdb3-5036-4b8d-9197-cbbf1841919c.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
33 kB (32990 bytes)
Hash
9953d8eff47badfdcc6d7418ba517fe3
55d57f1a40eb799f2f3671ce9f00530ca2b4749b
bc21b3a5d6467ccd84f0915e3770c5f73a059a134eb404b3be1df239984c0b8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/68a1bdb3-5036-4b8d-9197-cbbf1841919c.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/png
content-length: 32990
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "9953d8eff47badfdcc6d7418ba517fe3"
last-modified: Wed, 28 Jun 2023 18:58:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B7122DD44AA6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 13eb0e20-9f02-4d46-99c9-12497603765a
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiGaqhk8hf9gZtbzJgfMYnpjuThH7z7EY%2BSNWkHjLSsG8XCMdIhawrvrYwbAIZglz3f6NAScRidPdLmXq%2BLimaTGTZ6s6s8lama2KsimyGbUJEbAt4709%2FVOLRhC%2FL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb3783ab503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/4a8cad77-cd2d-4094-bcdb-a0c4a828f73b.jpg

188.114.96.1

200 OK

54 kB

URL GET HTTP/3
cdn.nest.rip/avatars/4a8cad77-cd2d-4094-bcdb-a0c4a828f73b.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 563x555, components 3
Size
54 kB (54110 bytes)
Hash
ed8eacb2771c39f81645e1ca53d5c16f
8c2bc37c076bda8353ed3f086a1b90fc5ac17c56
f1f32c86c36ff90ae23f76c9d5c00b04a58a827d854306360bf8ac2ac8d56e6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/4a8cad77-cd2d-4094-bcdb-a0c4a828f73b.jpg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/jpeg
content-length: 54110
content-disposition: filename="raccoon.jpg"
content-security-policy: block-all-mixed-content
etag: "ed8eacb2771c39f81645e1ca53d5c16f"
last-modified: Thu, 15 Feb 2024 07:00:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B3F724A5796EC3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: fc286833-5d4a-4953-b1fe-526cadb2e8f5
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 266
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYC9i%2BQRBfR1aS4uv%2BG21z4ASbYietNO3cr2zf4iV7KXbkL2bgNQYcvCtK0JLX%2F1XSfRvA2WArRqNY3DSQDk%2BqVjgasIYW2UtD0%2B6eg6EvtzVTBLA5Ag7iCWphvzfvg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb3783bb503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/e67729a4-9eb5-471e-a7b7-c41d1ba4d32b.png

188.114.96.1

23 kB

URL GET
cdn.nest.rip/avatars/e67729a4-9eb5-471e-a7b7-c41d1ba4d32b.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
23 kB (22643 bytes)
Hash
b9ddd123d21d1ab07852c28310a9b89a
c9c3dc87f9015863f1f4345550733317e55c759a
4a5de79bba7b5b2519801a0e7f877dc7bafaf78f5d4e80f4c3e53e2e226b9e48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/e67729a4-9eb5-471e-a7b7-c41d1ba4d32b.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/png
content-length: 22643
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "b9ddd123d21d1ab07852c28310a9b89a"
last-modified: Sun, 25 Sep 2022 09:14:35 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B870EBB09A2036
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 69a6b27f-ed03-4c9c-839d-f4d396937fb7
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SI3zxjfmzcou%2FojjRGU%2B9E%2BV%2BCCsqFXL4D%2FXOVErT6dQ2YkOpBfkjRu6MFxJYuh5JpsoQe2wd6744tI0CKkcdf3ZM9%2FxI8q%2Fl5UinkBw2WuCDt9AUn2afQ8p3n3ERKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb3783db503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/470cfa90-d0fc-41ae-b269-8b009726042f.gif

188.114.96.1

2.5 MB

URL GET
cdn.nest.rip/avatars/470cfa90-d0fc-41ae-b269-8b009726042f.gif
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer

File type
GIF image data, version 89a, 256 x 256
Size
2.5 MB (2519112 bytes)
Hash
67a3d89dba22872d469ccf636c611a93
18874a5287b7ccb0a87a089fb9b5b49a8031accd
b1de0a6f335a916f9c0606d713c86639a5ba38827e812279ea2b4dec57e1ff92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/470cfa90-d0fc-41ae-b269-8b009726042f.gif HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/gif
content-length: 2519112
content-disposition: filename="a_89e000bf26c0603fe7b2e9b25c9dcad0.gif"
content-security-policy: block-all-mixed-content
etag: "67a3d89dba22872d469ccf636c611a93"
last-modified: Sat, 02 Mar 2024 10:40:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B8EC714510C56E
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 1b9a5c31-51a6-4512-ad33-4833d8899292
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ySDl%2FwRd15a3rBvI78u0oL9mvus4GYZVeP6ndZ9oIiMa8bKjrBc0UGriTHqhyQkx8ERNfXGVwik%2FdiSv42nK2g9bD1Z0hf9NgDKPqgUWdpYOvvJvjEbSUULkdfi1Mk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb3783fb503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/685ceac9-3967-4ef3-9559-13346f0b5d7f.png

188.114.96.1

200 OK

33 kB

URL GET HTTP/3
cdn.nest.rip/avatars/685ceac9-3967-4ef3-9559-13346f0b5d7f.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
33 kB (33342 bytes)
Hash
1fa1690e2d412fad4b2582b1c2d5a1fb
468bb413cea354ff777d18e7ddb22dbce046ac03
a88ae5dcca921505136795dc4efc43cdc79807cebb35d0ab9211b51ad78b94f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/685ceac9-3967-4ef3-9559-13346f0b5d7f.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/png
content-length: 33342
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "1fa1690e2d412fad4b2582b1c2d5a1fb"
last-modified: Wed, 27 Dec 2023 12:52:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B7EB6DD97F22
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 16da23c7-5c71-4988-b3b8-a8f0152ca032
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApZ2yEt94GIZtKSdTDchxxzv7rGaY2CzeEWhvrqdTCHBpOcdPIRcdALbU9%2BAqntJw77clYhXtigrTnT%2FyvyfP2HdnS%2FXJrlNLqqtWnkFau%2FPqAIgBo%2FNzqRNucPRbQE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb37840b503-OSL
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/chunks/framework-314c182fa7e2bf37.js

188.114.96.1

200 OK

60 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/framework-314c182fa7e2bf37.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
60 kB (60033 bytes)
Hash
5bd298c20954c2772f8ad65ca27c4eae
72b0e21afa49c51796d11b630303514efa02c865
d3d2829d5775394638e8ba87d83bb5e42b77a5248aaf6b2ffbf0457e079f0be4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-314c182fa7e2bf37.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=141007
etag: W/"226cf-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h1skRr%2BeWmweI5xUf1IFftcZgR7CxchfTxJ14Yg4okltbSWu79f195%2Bph3pn3QWV1bLl7TtTFtO2%2BIxBwfj%2FGKUon4G0pCftejhNejTPwaFkbAgjFu2B2w9szw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a7d5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/28a72b25-020f-4c33-a127-a4e09d33f9af.jpg

188.114.96.1

200 OK

7.3 kB

URL GET HTTP/3
cdn.nest.rip/avatars/28a72b25-020f-4c33-a127-a4e09d33f9af.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 400x400, components 3
Size
7.3 kB (7288 bytes)
Hash
cb045f16fecabfc1abd8279ea77175df
1fd348df6d9d0c603d7cc87471e404571548677c
11743ae95cc863c28deffa6a28d616d87986479928e5aa3114d4efdc03eba2c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/28a72b25-020f-4c33-a127-a4e09d33f9af.jpg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/jpeg
content-length: 7288
content-disposition: filename="DrCoomerHvH.jpg"
content-security-policy: block-all-mixed-content
etag: "cb045f16fecabfc1abd8279ea77175df"
last-modified: Mon, 27 Feb 2023 16:43:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B6A579DD9BFF
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: a22acbb9-b5bc-48e9-9c7c-c7308643d331
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V21BAVMl%2FgDSD1%2FCY1Rnf2u0RcjL4eZfehsQBQWNVOuoIIcPiOC7LVCw9aIZNsOx5NM%2BP732%2B1IJjyXWnyn%2Bn7Sk5R6dbnjiXPQ5X8OIM0R0o9jdMLO%2FNEEQabm7S4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb38842b503-OSL
alt-svc: h3=":443"; ma=86400

nest.rip/api/stats

188.114.96.1

200 OK

4.2 kB

URL GET HTTP/3
nest.rip/api/stats
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JSON text data
Size
4.2 kB (4166 bytes)
Hash
7d987f891b93be84d8f300f5acd2d665
6df12d3d5d0923e50588fb2c31d8c848f0d16121
5e10c4f2f33bdee2e9b790a0dc4cb311b4aeaa722817b9e3d8cb5c036e200a75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/stats HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/json
x-xss-protection: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
x-ratelimit-limit: 5
x-ratelimit-remaining: 4
x-ratelimit-reset: 1714087042
x-ratelimit-resource: stats
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUK74HZHkxSRBeTXsdYmQjjI8AwIKmzqZVxZm71yvm1eIcx8Omr%2Fu%2BwGerVL77uSrB5J9duoeqwKfRSlknmJo85MF0RBYPx%2BodrusJe%2Frak0hprnR7OHLKst6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a20bb22bf25684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/7a591297-9813-4bfa-aa56-06355a6385fd.png

188.114.96.1

200 OK

456 kB

URL GET HTTP/3
cdn.nest.rip/avatars/7a591297-9813-4bfa-aa56-06355a6385fd.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
Size
456 kB (455801 bytes)
Hash
00ef587f1506ec70b1729f43e466ece5
a10440c57f772a45ba385d293286711de21cd266
524b63f216a9fc8eddd70a90dcb82b85dd1349c02e91f00aab0fad96f6282481

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/7a591297-9813-4bfa-aa56-06355a6385fd.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/png
content-length: 455801
content-disposition: filename="dfc72880d23e23c824bca0761ba9b530.png"
content-security-policy: block-all-mixed-content
etag: "00ef587f1506ec70b1729f43e466ece5"
last-modified: Sat, 18 Nov 2023 16:00:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17BF53DE8EBCB762
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 682654ae-ed88-4343-bc3f-be6d7c4bbf28
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckG7yzjqpbcT7W%2Fms1B0ydufe2X5O7ehETRyS0naPSf6DgVD0xN5fVnETJJecokq1eRboasUuUmonW7gExl7sMingiF%2FdBIQi%2Be0EGNy7bggp14%2BmzWBCTEOfq7YgJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb38846b503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/4d0924c6-8293-476a-af40-87fb85c463a3.gif

188.114.96.1

200 OK

738 kB

URL GET HTTP/3
cdn.nest.rip/avatars/4d0924c6-8293-476a-af40-87fb85c463a3.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
GIF image data, version 89a, 600 x 432
Size
738 kB (737663 bytes)
Hash
a88be005a4626616477febdaa7164c88
a81eca79128340452a41c1ef95847fc0874318be
cfc2577a703f7e57c6e2b683e545cccfbb650fffddac8b0fc247fb708341bf2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/4d0924c6-8293-476a-af40-87fb85c463a3.gif HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/gif
content-length: 737663
content-disposition: filename="d34a5b5a-493f-4b81-8c55-068b7fb46374.gif"
content-security-policy: block-all-mixed-content
etag: "a88be005a4626616477febdaa7164c88"
last-modified: Fri, 10 Nov 2023 09:45:40 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B78F6DB88C28
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: b108ed9a-6631-45db-8a09-c2f8be1d0472
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2B5TqBGHFl0Voh%2FSN6D6wMH4HAskoC3UxdYjlSjWAQxD9rQXF9TgKIHsYvQ2JNlS%2BIo8eRXclcSc51jE4sh%2BnCLK7XNDMZpAR5sjcjLucnFm3L2XFruPd1WvCT6AIgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb38848b503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/51b63ded-f8f2-4cdc-950b-a82ce01ae805.png

188.114.96.1

200 OK

4.9 MB

URL GET HTTP/3
cdn.nest.rip/avatars/51b63ded-f8f2-4cdc-950b-a82ce01ae805.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
GIF image data, version 89a, 128 x 128
Size
4.9 MB (4931350 bytes)
Hash
fcd67fdb7cb70a721d109b307e2683bc
ca7f544960984fcc5f2576c7c94872025987fa2e
7e603cd07d09cbb4f692fd6e12bf9d883d7de8ed5de3389c7c845b1aaa74eb56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/51b63ded-f8f2-4cdc-950b-a82ce01ae805.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/gif
content-length: 4931350
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "fcd67fdb7cb70a721d109b307e2683bc"
last-modified: Thu, 22 Sep 2022 16:18:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B709A158730D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 1a174d76-f750-45cf-b903-7fb2cf7899e7
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 267
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GPvWXTMVfdv6LB1hPB2ZKi%2BJTxlyl6rVHndtICmqGNTQdJoyGX9In3xCi9uwgQVyFSAN%2BKWLmQ%2BdCBr9Njih8tlakmSheZt%2F4AIfEY%2Bz3OFlc68HuQJbYZK9GDZuW%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb38849b503-OSL
alt-svc: h3=":443"; ma=86400

o1377474.ingest.sentry.io/api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0

34.120.195.249

200 OK

41 B

URL POST HTTP/2
o1377474.ingest.sentry.io/api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0
IP
34.120.195.249:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerDigiCert Inc
Subjectingest.sentry.io
Fingerprint60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
ea6405a843784f31866aa6720d428268
caea34156520021b5d590da93da757a24962ceb6
6234f8efca48cf753de593a8ddd1f6e3950679fba9af838f86059bd9a3277c11

HTTP Headers

POST /api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0 HTTP/1.1
Host: o1377474.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nest.rip/
Content-Type: text/plain;charset=UTF-8
Content-Length: 25452
Origin: https://nest.rip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:17:19 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nest.rip/_next/static/chunks/pages/index-f00673a69fd8e1aa.js

188.114.96.1

200 OK

7.2 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/pages/index-f00673a69fd8e1aa.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JavaScript source, ASCII text, with very long lines (6218), with no line terminators
Size
7.2 kB (7171 bytes)
Hash
e20a1b33176efe454fd9413a91ca3012
cf0d728e51bc9a9798bf28b900989dad2c83434b
d3c5fb1e8567f0f92c12a133161251b1c5e18b2ce1b98e5f550e38f4c3193d0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/index-f00673a69fd8e1aa.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"184a-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfY8%2Bp1MJzj3uuVejaGz0oB48wPOkbD69BIagJle0GoShnIl%2FXhuN9eHJrCif6yd%2BbOX5sZX0Cx%2BOMz%2BbwzGuZLAlppcvNohYsH1p7LfMN1nqPJFnazw1mxxew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a875684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/chunks/webpack-d5182cb0ee7ca713.js

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/webpack-d5182cb0ee7ca713.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JavaScript source, ASCII text, with very long lines (5921), with no line terminators
Size
12 kB (11732 bytes)
Hash
74ff0c81a6e026b5b6f64ab2f6b222d5
ce07a0d5ddadec8b2df45ef9339c4901d758cc8e
09fe282fe5618037756e54f953264182b46ee0a8cbc8e797d37674a46fe5f11c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-d5182cb0ee7ca713.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"1721-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFV%2BmJ1oxGKBI%2BVSn7DNenBAc8j9FhJLx%2BjTGevteaZf35DVEc1HC3bvuQvt8VUtKEEZj6OZxKXO7dhH%2B87jwt4q7wL6kb6n0Ui8N3wMnKeAhYr7T8vcL%2BQ2eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a7b5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/934f90c5-00d9-410b-9344-fabcf669e6a1.png

188.114.96.1

200 OK

4.1 kB

URL GET HTTP/3
cdn.nest.rip/avatars/934f90c5-00d9-410b-9344-fabcf669e6a1.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4109 bytes)
Hash
ea244442bc1ecc2ede12f840b5008709
599dacf13c288d39509e2cdb206c5d11b79c2ea1
9c0ec041bfadda6603ac2819410087df351bdf57846ac8f816d2026b46600fde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/934f90c5-00d9-410b-9344-fabcf669e6a1.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/png
content-length: 4109
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "ea244442bc1ecc2ede12f840b5008709"
last-modified: Sun, 07 Jan 2024 21:26:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B12837E4CB4261
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: a880543a-d51f-4dda-99f3-ec99988a39be
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIxk3JPDJEyxN2L8q%2B0GgxR1JMYZWfXWIvP4WLg%2BcVMsaVCNf6lIcEB0vgvGa%2BUaB3J7exHGEQqoHHa1riJ%2Boe34EzH8%2BiJsvz2rdtEJwfwNe%2B6LKoTVMyI4cJ8O%2BZQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb38843b503-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/911163b7-df7a-489b-a84f-5fc8aafd8d7a.png

0.0.0.0

0 B

URL GET
cdn.nest.rip/avatars/911163b7-df7a-489b-a84f-5fc8aafd8d7a.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/911163b7-df7a-489b-a84f-5fc8aafd8d7a.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_buildManifest.js

188.114.96.1

200 OK

3.9 kB

URL GET HTTP/3
nest.rip/_next/static/rK_eH3QvswHtsP61LIIPb/_buildManifest.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
ASCII text, with very long lines (4128), with no line terminators
Size
3.9 kB (3900 bytes)
Hash
e74921dd585e81c9104d8c95310ca89c
baded8a5e0a23350add530031ba1e9bda7bb5186
92dbfb397412e80c0273f32718e77d522172edd4ba3426306b7b3b88698702ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/rK_eH3QvswHtsP61LIIPb/_buildManifest.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"f3c-18d74ee6bfe"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fLwhDZesc6c3Eiy0s%2BQ7JHXGqv6SEN09P7lhaEDWUtbipTCzCVnpmMm5IIJdw9ePVwR2eZSc6dA6rL%2FNakIJO35By7sIvDyKF4vIOAkvh9vo3vygD6C2%2F30xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a885684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/cef0eac2-1545-4e68-a585-58fd679006cb.jpg

188.114.96.1

200 OK

706 kB

URL GET HTTP/3
cdn.nest.rip/avatars/cef0eac2-1545-4e68-a585-58fd679006cb.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 2320x3088, components 3
Size
706 kB (706544 bytes)
Hash
83c22eb04196e492993fb1fb5a1c4d27
6762d334bb8629144db388639f1943f5023d707b
61a76e4f46cbb72da5a96a59e3a134aa3cc6ba5b5700c38cf8f748877f531f53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/cef0eac2-1545-4e68-a585-58fd679006cb.jpg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/jpeg
content-length: 706544
content-disposition: filename="IMG_8960.jpg"
content-security-policy: block-all-mixed-content
etag: "83c22eb04196e492993fb1fb5a1c4d27"
last-modified: Thu, 08 Feb 2024 11:47:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B86365501A7D40
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 0985a5f0-88af-40ad-87f9-5dffd4452507
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fB1Q3sqv4UM0xqODnNOkhEzNvLvelJ4aUde9JXyJH9penlCocEzdBRTnIIzsey5pnBQCeQJnRXoSX6HPekt2c7nHU4ZZ%2Bh7VGXwENcXR017HYSXocnr6dIf%2BgPH3huU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb36838b503-OSL
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/css/e6628ce32f421bf6.css

188.114.96.1

200 OK

260 B

URL GET HTTP/3
nest.rip/_next/static/css/e6628ce32f421bf6.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
ASCII text, with no line terminators
Size
260 B (260 bytes)
Hash
9b6e0610b3b93f0e7444f04f7c41d728
2da82da6578a5791dcdb6e5751d7e42d0c09ef14
f533b84444532a0896c93bf175c645c082b554bec99064961a19904c0fcdf128

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/e6628ce32f421bf6.css HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"104-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idzRJbdlDV1XdSE%2FLUwzP8NXviIJHKsRVHTdAhTyz9JDuhxZgragzUF%2BdvaomMpMrtfcAolXjf0OLHoL727Skr9kNRuDCNW%2BlJljv4HFHmaiUKRxh7CEVt0Esg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a795684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/chunks/252f366e-e6ab085e72168946.js

188.114.96.1

200 OK

2.0 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/252f366e-e6ab085e72168946.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2126), with no line terminators
Size
2.0 kB (2048 bytes)
Hash
a0c3ef3626705bb817b1545648c7b7e6
109785125caeab8a1a500ddd4179811deaf23d14
4221678265008ea59c8de7eef7ca3b253de62b9975d40036054b51df4fc74994

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/252f366e-e6ab085e72168946.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"800-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bl%2BzO%2FraZ65HXCCRWRnZldIwrFfA6AECzQN1NiOv0ZTJCnCiwD1tbBR2eiy3oXKjQLlUlT83NGiAxKgIIloG1sK4DRwhpi8IBs1ZCH62nD%2Fbh%2F%2Fc3nhXbxF5Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a845684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/934f90c5-00d9-410b-9344-fabcf669e6a1.png

0.0.0.0

0 B

URL GET
cdn.nest.rip/avatars/934f90c5-00d9-410b-9344-fabcf669e6a1.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/934f90c5-00d9-410b-9344-fabcf669e6a1.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

nest.rip/_next/static/css/25ea4d054657ce8b.css

188.114.96.1

200 OK

8.0 kB

URL GET HTTP/3
nest.rip/_next/static/css/25ea4d054657ce8b.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
ASCII text, with very long lines (8050), with no line terminators
Size
8.0 kB (7991 bytes)
Hash
5f82024888a034c4a0f162742d87cb05
6f015d2c70cec343ec7e976af14142d0b2e9de29
2d0fb3d48df92cc10145a5a1377150a548b1515087d661b99f7a1c9f7ab9ee12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/25ea4d054657ce8b.css HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=7994
etag: W/"1f3a-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waFsbOmlFGOXjzXRCvHOzArIWrzOPE9vC0Zm4C%2B7sqDvtB7AjQqaUgrGJ3cG%2FYzxFSQw8IZIvS5Q1TrqtebxjsNBKcgkCQldu%2FN2V2nKpMt3aq0F2Z8qXszAYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf3a775684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nest.rip/_next/static/chunks/pages/_app-5b4adf06232fc9cd.js

188.114.96.1

200 OK

788 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/pages/_app-5b4adf06232fc9cd.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type

Size
788 kB (788187 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-5b4adf06232fc9cd.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=788750
etag: W/"c090e-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tHBLPLt09POuhMqTuQECmBfMxZDDNIS0XozJVKuKa955zL4UGzSLsf4xDe57ic5IkA92qqB4YRaxcfNgfX%2BQ9YFjb6ZVBD4Li%2BwvcODnSJs3X0d6zOs4AfIBtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a825684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nest.rip/api/testimonials/random

188.114.96.1

200 OK

2.1 kB

URL GET HTTP/3
nest.rip/api/testimonials/random
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
Unicode text, UTF-8 text, with very long lines (2281), with no line terminators
Size
2.1 kB (2066 bytes)
Hash
cba5d08dedddc89c259118209571fd51
ff5b28b31cd738027f717d7b6daf6ab9a8a72ff1
c1deda97bb5ef6fc2666c01eee66def3be9a7d0f149ff481052e58e61a35ae5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/testimonials/random HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/json
vary: Accept-Encoding, Origin
x-xss-protection: 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
referrer-policy: no-referrer
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
access-control-allow-credentials: true
x-ratelimit-limit: 30
x-ratelimit-remaining: 29
x-ratelimit-reset: 1714087097
x-ratelimit-resource: randomtestimonials
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYRtUQB8jigrXVb%2B4%2FmNYmwucCmzFUweknPcI4%2BtKK5uo17TzB%2B4Omp0wGaq%2Fo%2B1hLrjLIzBGOP16QuqAHYDf3E6H8AKmxzharMygbkigMWNLsdwLLU67y4Rng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a20bb22bf15684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

nest.rip/?ref=viewer

188.114.96.1

200 OK

19 kB

URL User Request GET HTTP/2
nest.rip/?ref=viewer
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
HTML document, ASCII text, with very long lines (19366), with no line terminators
Size
19 kB (19366 bytes)
Hash
3d378e5113fc3119810b761d5d51b471
fb6975838c8540be92d82c3df3f6b40d624abed9
f64f50b67a1e82a30723096ec6e52e549a956acfdee2d0fbe755874c04d94dee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?ref=viewer HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 23:17:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: HIT
age: 25587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvvcIHBy1py6jdNtW5SKeF1aa%2BBtlUvIDcBUPrFv%2BEuE4ZIGR31MT30FKS7IOLNCNt1gKEnG4QoUE458x9XLwMbTWfBto53GqmijMmMn9SSNRd5sdOFGsw5abg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20bacff6256af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nest.rip/_next/static/chunks/main-84820d2644612ea9.js

188.114.96.1

200 OK

109 kB

URL GET HTTP/3
nest.rip/_next/static/chunks/main-84820d2644612ea9.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
109 kB (109433 bytes)
Hash
b257acb41d52390cfcde9125882da05e
802146d57f116c1e663054f294efe2fa657ccd47
a9519209117c7dc0cd7cdf90714a1c2fcc194c7c1185b9e9ceb42ea2c26c9f13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-84820d2644612ea9.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=109434
etag: W/"1ab7a-18d74ee6bfe"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=197E2jJfaEImg5x0Be%2B%2B2gvTX7XfyorigubfvcCw740QlMFpkH1QOxtjFPObhIv1ZIQzJnMgXOyMQnhGlqzPo6tRcCnqHoHv8ga4XrcY4Er9TSYjABz9koalhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a20baf4a7f5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/cef0eac2-1545-4e68-a585-58fd679006cb.jpg

188.114.96.1

200 OK

447 kB

URL GET HTTP/3
cdn.nest.rip/avatars/cef0eac2-1545-4e68-a585-58fd679006cb.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 2320x3088, components 3
Size
447 kB (447436 bytes)
Hash
86f7c0bda27ec878843838e71af0a6de
bf54966b4f2af54ee239d6bfa8e21702ab84715c
96715bbdf958609f4c8731415df941d7ceff8e3bddbda700b9659234c1700146

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/cef0eac2-1545-4e68-a585-58fd679006cb.jpg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:17 GMT
content-type: image/jpeg
content-length: 706544
content-disposition: filename="IMG_8960.jpg"
content-security-policy: block-all-mixed-content
etag: "83c22eb04196e492993fb1fb5a1c4d27"
last-modified: Thu, 08 Feb 2024 11:47:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B86365501A7D40
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 0985a5f0-88af-40ad-87f9-5dffd4452507
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqhJ%2FwpPP0g%2BT7StTBTaklzEIvuZecTxvyD6MfJ%2F%2BR0GaqfdRkifwX8E9LkuMJb7vlN7NVUUPEkkjo9k1IzUKPguZAeVxErgzDwXebi5ZZyXkUE4Zv1o21ThCd83o7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb2fc405684-OSL
alt-svc: h3=":443"; ma=86400

cdn.nest.rip/avatars/911163b7-df7a-489b-a84f-5fc8aafd8d7a.png

188.114.96.1

200 OK

14 kB

URL GET HTTP/3
cdn.nest.rip/avatars/911163b7-df7a-489b-a84f-5fc8aafd8d7a.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nest.rip/?ref=viewer
Certificate
IssuerGoogle Trust Services LLC
Subjectnest.rip
Fingerprint79:3D:BD:34:B7:04:93:EE:01:77:10:F1:42:55:97:26:DF:14:19:B5
ValidityFri, 01 Mar 2024 06:06:49 GMT - Thu, 30 May 2024 06:06:48 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGB, non-interlaced
Size
14 kB (14489 bytes)
Hash
3abed542e44481e9651abc5fa5528910
c90a4e2b6512773983fd5ea01ea56cbb2581195d
b3aaab41bdb2ee596f815d9a5f7033e682b5bd0f3498e786cecba2ca97310c99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /avatars/911163b7-df7a-489b-a84f-5fc8aafd8d7a.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:17:18 GMT
content-type: image/png
content-length: 14489
content-disposition: filename="davatar (1).png"
content-security-policy: block-all-mixed-content
etag: "3abed542e44481e9651abc5fa5528910"
last-modified: Sat, 14 Oct 2023 13:19:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17C6C6BAE34F7B06
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 7dc36403-d5c6-48cd-9af3-ad566b14916f
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFTbZDzYk1MJl8JbJgH%2F1nOpDtSBsF19x9NEw22rGvp6r8kj%2Byp0iWiztksiCrtgYkg2RIGHRcmE%2F2Kcg5Hfkd8Aaotec2iSzd4LtqLDA76Mxy2VwShiNK8zEnIwJN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a20bb37841b503-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML