Report - cv.brstej.com/

Report Overview

Submitted URL
cv.brstej.com/
IP
104.21.11.206
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 22:39:44
Access
public
Website Title
فيديو برستيج - رمضان 2024
Final URL
ser.brstej.com/ind6
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	422 B	71 kB	142.250.74.168
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-25	853 B	98 kB	151.101.130.137
cv.brstej.com	unknown	2018-07-27	2023-02-27	2024-01-16	468 B	796 B	104.21.11.206
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-04-24	517 B	75 kB	104.21.27.152
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	438 B	7.7 kB	104.17.24.14
woafoame.net	unknown	2022-10-26	2022-10-26	2024-03-28	397 B	94 kB	139.45.197.239
atshroomisha.com	unknown	2023-01-10	2023-01-10	2024-02-24	458 B	37 kB	139.45.197.251
ser.brstej.com	unknown	2018-07-27	2024-02-11	2024-02-23	15 kB	3.0 MB	104.21.11.206
ts.knappedmurshid.com	unknown	unknown	No data	No data	418 B	1.5 kB	23.109.170.241
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-25	439 B	28 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	knappedmurshid.com	Sinkholed
2024-04-25	medium	woafoame.net	Sinkholed
2024-04-25	medium	atshroomisha.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	ser.brstej.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-05
Pretty URL ser.brstej.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.11.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-05 16:28:32 Times Seen43696 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	79 B	2023-04-16	2024-04-28
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-16 10:54:19 Last Seen2024-04-28 04:11:38 Times Seen48 Hash c0cc0fb0141f52b9fc5bf5bf281531ac 29942c5675c543f8d2edc686e80cf4bf0e10bb70 74c38e29231738f71a0b9ebec39d21fcb041847dad58079457731f0481a6e7ea Loading...

	unknown	247 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:39:51 Last Seen2024-04-26 00:39:51 Times Seen1 Hash 9a7ad4996c5796c6b8183ec559c48bb2 303033a285ca5c90488b0d1eeceb9d57f3175190 f4e8f53b2b5ced12f1c1e001944da5d9df8a143d9158c3b57e8e00d92eb770d8 Loading...

	woafoame.net/5/2617099	93 kB	2024-04-26	2024-04-26
Pretty URL woafoame.net/5/2617099 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:39:51 Last Seen2024-04-26 00:39:52 Times Seen2 Hash a56330e35d3920ec87d77e9af5466b66 5ee41f27ed699ec0f8b4e6ff1cc88d78c491172f 1b584a27221a1719b3c8fd9d90bcbd9e61b41d3b2b3b772f64c6cb9bf70c3ca8 Loading...

	ser.brstej.com/ind6	1.1 kB	2024-04-26	2024-04-26
Pretty URL ser.brstej.com/ind6 IP 104.21.11.206 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:39:51 Last Seen2024-04-26 00:39:51 Times Seen1 Hash 91083760f0811d289910abeb830cb37f b834f8ae7b62f32178fd6f16b1c8b70a451cf530 9adf338e3c163f0f2bbd061a347a7931c5149447f3f7f319198db084edb17c6a Loading...

	unknown	56 B	2023-04-16	2024-04-28
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-16 10:54:19 Last Seen2024-04-28 04:11:37 Times Seen48 Hash cae6f8624c66f13833c0cb65d1a7d4f3 38913a239bfe49bb031bc0bba5130fdde4a9dddd 41557c099d9a65a2febcf471b7cc43a2fc76a213f40eb129e19d06c2f3d64ce0 Loading...

	ts.knappedmurshid.com/rfggw7P0400YGk6Qa/78621	0 B	2023-03-07	2024-05-05
Pretty URL ts.knappedmurshid.com/rfggw7P0400YGk6Qa/78621 IP 23.109.170.241 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 16:40:46 Times Seen37363393 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-05
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-05 15:59:01 Times Seen2275 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

HTTP Transactions (40)

URL IP Response Size

cv.brstej.com/

104.21.11.206

301 Moved Permanently

167 B

URL User Request GET HTTP/2
cv.brstej.com/
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: cv.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: text/html
content-length: 167
location: https://ser.brstej.com/
cache-control: max-age=3600
expires: Thu, 25 Apr 2024 23:39:18 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFGoMGqH6PxJHETNcLFd5%2BCQekgwCL6UCWvdoebXXQb4ERRArm2cSbtRt1NE8CZ8ese12hFO67I731D9TIlPY1KMSdhD%2BEhKzj9D2C1iX4BEXaJeJ6%2BEOYtLHhWlGwPA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40b5fb0569c-OSL
X-Firefox-Spdy: h2

ser.brstej.com/ind6

104.21.11.206

200 OK

118 kB

URL User Request GET HTTP/3
ser.brstej.com/ind6
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (55377)
Size
118 kB (118472 bytes)
Hash
6ab2b0774703d0c8998ebed59774208f
d6b97a11a1ea2465809e3ec3852a8b1c411a6629
718c3fe10659506158298fb829fe78c4fcb843ae602b645b829479ebde3db912

HTTP Headers

GET /ind6 HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241; path=/
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoMU2of98jkzHq%2BLQg1lA3soFZOJUZ5SVK7rxoDkLkgDmhY1DpiCdoAYRTXMVGly2uZzy%2FjYNoNh3KfO1yt3laDWc5%2BqEokFbNlYYUa7ZjWTpfr0bo5w3pG94nEhvKZgaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d40c1846b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/uploads/articles/63c7fb44.jpg

104.21.11.206

200 OK

113 kB

URL GET HTTP/3
ser.brstej.com/uploads/articles/63c7fb44.jpg
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 25.0 (Windows), datetime=2024:04:14 19:01:49], progressive, precision 8, 1280x720, components 3
Size
113 kB (113286 bytes)
Hash
f4b937269ff5b1d056075b1e3944870b
50e21f96fdb7e518fc9c23e25cad01718d06abdc
b5327d8fde546578c9adcab263d04ef23e1eb1e75d9ec7fdcd54ee4c9c4a0597

HTTP Headers

GET /uploads/articles/63c7fb44.jpg HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/jpeg
content-length: 113286
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:57 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 211143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CK0PE7%2FygDPGcmIe8C1CeJFCUDhRwAn6S1YdXnwpV8WxzRznCluMoWLdcsSAkTLtSp5fs1uo2Q3XtY9y0R4gf9OR2D0QyjR4WqLN7guqNh1GnbJotFiLvxGVQEjxdfQH%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e8961b524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/uploads/articles/725ebd51.jpg

104.21.11.206

200 OK

114 kB

URL GET HTTP/3
ser.brstej.com/uploads/articles/725ebd51.jpg
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1280x720, components 3
Size
114 kB (113598 bytes)
Hash
9eba652200668685f9a83d0ead5ade37
7b5644d2ff70b49f77371d52fe2d6cd83b143be3
c9049ca57ae5207cb93d994ed2996e2b059a38bb068699a367e7b58118f557eb

HTTP Headers

GET /uploads/articles/725ebd51.jpg HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/jpeg
content-length: 113598
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:57 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 210760
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B6fgarw50hwsXf7mq7l2nMILSpGBr6hd8Q8E0LqrAJXERjn5JtVVWU%2BmRo05ZxVTQJ%2Bdp%2BZNCz%2BWxOUeJxj5SokGiaRS649QOvWHloy1L884bYTDheWBjExNTCGJ7pqOcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e8962b524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/uploads/articles/be886a3c.jpg

104.21.11.206

200 OK

42 kB

URL GET HTTP/3
ser.brstej.com/uploads/articles/be886a3c.jpg
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 640x360, components 3
Size
42 kB (42469 bytes)
Hash
45eedbfc3376ec9f4d1e65d8df801e8a
9af430b70ada9bc9b06fa9e0047c7ed67b6ec63b
1e085942828a38810b3c4473c08a56a3e16ce2bf2cbfaea48dd0df91b3a9a8d6

HTTP Headers

GET /uploads/articles/be886a3c.jpg HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/jpeg
content-length: 42469
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:30:08 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 200205
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b9MjPRfjtJuThzJ%2FBY4dNp5PxqugcxhKh7ev9%2FhK4nMRVM9eH6NS2XRr4aRu8uucEwhcMxr0QTPt5xmz9pC8PsX%2BK0LDIHlx3xJlgp4HbmEjzOU3nUN%2FZAiJ6%2F7o9YkCLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e8964b524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/uploads/articles/48aff55a.jpg

104.21.11.206

200 OK

86 kB

URL GET HTTP/3
ser.brstej.com/uploads/articles/48aff55a.jpg
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 640x360, components 3
Size
86 kB (85500 bytes)
Hash
9cd6a4ccdc73e6d215adf3a75cefa3a5
a40f26ae748c28b4268f957f014b4646a300574f
dd7556cb97b36daf565e911a8f910a4f71c7f459163aa217aa9902fb90479df8

HTTP Headers

GET /uploads/articles/48aff55a.jpg HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/jpeg
content-length: 85500
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:59 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 186615
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mkzcoy3czoNAz0D1c%2Bj6AWuSwJISdR7cQ0szAg3KWcFEvGN8GRqwv%2FRXtvd41jLdCbut7JAWH7sZ6GigqW1iOfSpk4MJM%2BpbrA5r6fTBnY8au3ll4nXKCcgb6zOsvdd8yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e9966b524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/uploads/articles/789bbbca.jpg

104.21.11.206

200 OK

99 kB

URL GET HTTP/3
ser.brstej.com/uploads/articles/789bbbca.jpg
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop 25.0 (20230820.m.2296 c61c3a5) (Windows), datetime=2023:09:16 00:43:02], baseline, precision 8, 640x360, components 3
Size
99 kB (98644 bytes)
Hash
023bea69b0da852ba32ebe1e7a0155b7
e85dad56e5e996aa34c7342a703eb834fc3e1ec2
0e3562d63a30beabcb380bce99a7f97145c9273699dec9ddad29e7aa46d2685c

HTTP Headers

GET /uploads/articles/789bbbca.jpg HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/jpeg
content-length: 98644
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:47:06 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 90733
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KA4BwjuVldKLB0lElvAAGOWoW1bZNAGdBpF%2F5Ss7TstkWXSDhByYiy%2FU7cYinx80NYO2wkNEdptptb9gi2%2Fjk1T6G5xt0vRjsedj9d6Mk9VrmD89SIlS9Rc%2BK%2Brgi0SmKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e9968b524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/uploads/articles/2378acc7.jpg

104.21.11.206

200 OK

126 kB

URL GET HTTP/3
ser.brstej.com/uploads/articles/2378acc7.jpg
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop 25.0 (Windows), datetime=2024:04:24 12:43:48], progressive, precision 8, 1280x720, components 3
Size
126 kB (126311 bytes)
Hash
acd456a22f6f810462bbdf60387584b7
9e33d31432dd86023a16ecf472d36ad2791ebad6
ee94ff18c57f815933accc9ad61771d2ee0a64b12ee2b6c883a5ad4602ed4b10

HTTP Headers

GET /uploads/articles/2378acc7.jpg HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/jpeg
content-length: 126311
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sun, 23 Jun 2024 10:44:04 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 129228
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GDmpkYZuDMeMhjnbfQZh2pIPbr1fZKoJT2KS%2FTE3OIoUs57up2O1nAQd3kVDAipxMb%2FxLRvBTHGmaEhvZVReQyRGhv7Hm60QRQO4VnHC9v3vuYEKgZmbetsXifoPxCv69g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e996bb524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/img/icon-play-32.png

104.21.11.206

200 OK

997 B

URL GET HTTP/3
ser.brstej.com/templates/echo/img/icon-play-32.png
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
997 B (997 bytes)
Hash
ea1127907510687e825fd657c1121d4a
8a5b9bdfcffa195c39167263f02f189fff3e538b
4d18d3ef853281593de2203fe3e73f934878efc4a22c7bce67967274c82e8c4b

HTTP Headers

GET /templates/echo/img/icon-play-32.png HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: image/png
content-length: 997
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:57 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: UPDATING
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212856
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQZromaT%2BznZKJ84pR1zyKXwL1eETcAtpJ1ktFT%2B3y01bRZ6Z1CJ3nVDuVOL9Tq%2B3jF9%2F8gZrJolfuoEO8zXwZ%2BAP63VM1b6qj5BJghg%2FdcZAijCnFNhY%2FxNP4jMdJjq6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d4101a7db524-OSL
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2

104.21.27.152

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.8.2/webfonts/fa-solid-900.woff2
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695
Size
74 kB (74328 bytes)
Hash
64b3e814a66c2719b15abf8f7998bd73
fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

HTTP Headers

GET /releases/v5.8.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ser.brstej.com
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: font/woff2
content-length: 74328
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "64b3e814a66c2719b15abf8f7998bd73"
last-modified: Fri, 22 Sep 2023 01:45:59 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 968850
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04hNw0fFLoyPO8OdRhA6OfT0yVo2ZfKvE5t6jj5r0mClg%2FZfNKyJiKw8cHBfcQ%2BrwvJDuD46v0SG%2Fhf1OEG3XLluD92FdRsdY%2Bit9wwv1AP3LJdBgr45NLJ2I0D%2F7RdtnFapIfBA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d410589356c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ts.knappedmurshid.com/rfggw7P0400YGk6Qa/78621

23.109.170.241

200 OK

20 B

URL GET HTTP/1.1
ts.knappedmurshid.com/rfggw7P0400YGk6Qa/78621
IP
23.109.170.241:443
ASN
#7979 SERVERS-COM

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectts.knappedmurshid.com
Fingerprint07:7D:5E:23:04:B0:33:E0:4E:C3:0A:2D:A0:13:74:28:81:69:93:77
ValidityTue, 02 Apr 2024 06:35:48 GMT - Mon, 01 Jul 2024 06:35:47 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rfggw7P0400YGk6Qa/78621 HTTP/1.1
Host: ts.knappedmurshid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 22:39:19 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ser.brstej.com
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 26-Apr-2024 22:39:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 26-Apr-2024 22:39:19 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

104.17.24.14

200 OK

6.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20831)
Size
6.6 kB (6646 bytes)
Hash
56456db9d72a4b380ed3cb63095e6022
6dbce88aee15b42f29083df7a07513cf3b486ba0
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

HTTP Headers

GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 92988
expires: Tue, 15 Apr 2025 22:39:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoAfK%2BuvNk7W3V6EknPEzhyRO6MaPVZ4n3LbenoBrrEn2LbZYQMLE%2BgLCCIcPCVEkwSMPzWG4EpNoKepABlAl5COpRK3A6EXKmrZHgKMud7Kg6WtsiT2OHUPKYcsexB6kvUTNoRR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a1d410da585689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-61820443-1

142.250.74.168

200 OK

70 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-61820443-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (1763)
Size
70 kB (70163 bytes)
Hash
e35629ca8b8056b82cd40f3484ea648b
017a03f681e07d66abbddca18d2c471cff0acd66
ea012371b4054b92461a7c0194cb7693262f6edb594ee22aa61a8eb9bad4e893

HTTP Headers

GET /gtag/js?id=UA-61820443-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 22:39:19 GMT
expires: Thu, 25 Apr 2024 22:39:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ser.brstej.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.11.206

302 Found

0 B

URL GET HTTP/3
ser.brstej.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 25 Apr 2024 22:39:19 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwtGC13yHuDxi9vyCYMzWfEMT5eFS%2Fz%2B%2FJla7OwFyLHjdighbcSziCZNtRbU%2B0Gx2qH%2BP4afrq0W0ZQX0KS58OyyIjKV3ozuaOCAGxO6Fd3meLN9V9ONB89XibXXb3DvOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d4113b5db524-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-3.5.1.min.js

151.101.130.137

200 OK

90 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ser.brstej.com
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 22:39:19 GMT
age: 1613878
x-served-by: cache-lga21981-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 1878, 28020
x-timer: S1714084759.247872,VS0,VE0
vary: Accept-Encoding
content-length: 89476
X-Firefox-Spdy: h2

code.jquery.com/jquery-migrate-1.2.1.min.js

151.101.130.137

200 OK

7.2 kB

URL GET HTTP/2
code.jquery.com/jquery-migrate-1.2.1.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7085)
Size
7.2 kB (7199 bytes)
Hash
eb05d8d73b5b13d8d84308a4751ece96
743052320809514fb788fe1d3df37fc87ce90452
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

HTTP Headers

GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-1c1f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 22:39:19 GMT
age: 127803
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 51, 11347
x-timer: S1714084759.284872,VS0,VE0
vary: Accept-Encoding
content-length: 7199
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js

104.18.11.207

200 OK

27 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.bundle.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
27 kB (26580 bytes)
Hash
21f815ff6d1883c4e81d821d38ff4070
386ea8bd17f21149c4e3a2303665fe6398e4e7d0
f67b782ec5a62c8fcedb89535bcf48cc02ae06a119e3b97fe2b875fad1ff358f

HTTP Headers

GET /bootstrap/4.5.2/js/bootstrap.bundle.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"21f815ff6d1883c4e81d821d38ff4070"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 01/04/2023 07:42:15
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1075
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ba1a90cc64407703ecdb537a105f3583
cdn-cache: HIT
cf-cache-status: HIT
age: 3599242
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a1d4110a107131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ser.brstej.com/templates/echo/img/favicon-16x16.png

104.21.11.206

200 OK

4.2 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/img/favicon-16x16.png
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
PNG image data, 116 x 73, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4230 bytes)
Hash
a58528d8d31d299f452abb1d69198afd
e4d362e7891712b56d19d87eb697c9d800931a7b
51e49c12a7cacced200a901ff4c86db3257a4d307a98d320cdee69c3e1432951

HTTP Headers

GET /templates/echo/img/favicon-16x16.png HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: image/png
content-length: 4230
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:57 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212852
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PjJsYsv0G%2FPdSa7SuSCBr%2FRiQSDopJq6%2FCSxlxChvlMEyobd6SXGKBjTbJUxlNs9p%2B1VJMCX95b8Q4DTmDZvUVJ8l8GCujxH5Jnpdy5s%2BsAdqWg5qjoUcH%2FtCcQmsqnwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d4127c0bb524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/play.png

104.21.11.206

404 Not Found

8.1 kB

URL GET HTTP/3
ser.brstej.com/play.png
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
HTML document, ASCII text
Size
8.1 kB (8073 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /play.png HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N3j3cV%2F03Vn%2FR4Hg3R4GfNgmOdcDqGBrHSmcLnl6bN5SwpWrp%2BzX%2B5%2B4Z86TnMR%2BY%2Bg0uxbii54gZ%2BrlFKTO0Nvah82hCu2OAYKnObvK7qlTeEeNHyqEyaX9ZlkGoQEYSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4101a7eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/index_old.php

104.21.11.206

302 Found

974 kB

URL User Request GET HTTP/2
ser.brstej.com/index_old.php
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type

Size
974 kB (974216 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index_old.php HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: text/html; charset=UTF-8
location: /ind6
cache-control: max-age=2592000
expires: Sat, 18 May 2024 11:34:54 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKlXHyjZ20Q%2Fc9M8YUvndx7r0D4G2E6V%2BHwQ57R%2FgXODdYHCYh%2Bf85bUS2yLgg7yyGWhKFTbl%2FZhW3voK8sKQcUjIxF8wa2w77UKOwz9o%2FZU%2BcoCRPJnigcVBvgAMRfQ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d40bcfe4569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ser.brstej.com/templates/echo/js/jquery.cropit.js

104.21.11.206

200 OK

28 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/jquery.cropit.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (27266)
Size
28 kB (27578 bytes)
Hash
cd82e0edbcecf087be901e8e7ed0d035
2cedce9f87501152efa36eb1949d95c0ca4ff200
b8a0d09df5a79e5e9494b3061eeff55883870c66714879886348c5095faa7840

HTTP Headers

GET /templates/echo/js/jquery.cropit.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
expires: Thu, 23 May 2024 11:29:56 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nh1Hq4QWDBgS5so6Bv6%2FbWvYdJuIWhUlgKZD5grAUPYa0D%2BQOBrRszud99jFe3gW6gU8NVEtwx5Xim8%2FGx%2BJipL19hTU2RDLin2CWS3FQ0RM%2FMgRb9rAj4j4KlFQFn%2F41Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4106ac8b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/js/jquery.typewatch.js

104.21.11.206

200 OK

1.4 kB

URL GET HTTP/3
ser.brstej.com/js/jquery.typewatch.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (1476), with no line terminators
Size
1.4 kB (1440 bytes)
Hash
f3989a1b6fad291e198cac5399cb0bd7
4e98f0e4f6c96bef7e8d95be4af3b772895ca1ff
d9ee03f77286531633c2ea6bc7dcc3141322ecb2967e57990a280ad719c2d5c8

HTTP Headers

GET /js/jquery.typewatch.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=1745
expires: Thu, 23 May 2024 11:29:57 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSZE4IrHPWYTidZP7fMCRDRQFu%2B5Z521uvcSsUf87kSQA659PK0%2F63EYlN7XYE25fax6YpyKRLWNGaWdESH9MqX8yLmMgg5dtYKo5CcfBo6tdEmJbJjwaE9GaV2Xx36s%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4107ad4b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/js/slick.min.js

104.21.11.206

200 OK

40 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/slick.min.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (32012)
Size
40 kB (40461 bytes)
Hash
ed79a524576de38d04a004a482b42724
e7fb1cc9bdad19cf7296f90e23fa7c4b19b91880
34e8e27e1679a10fa7dd6192389f38fb491e89a482aea9690dd4c10538cc10bf

HTTP Headers

GET /templates/echo/js/slick.min.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Thu, 23 May 2024 11:29:59 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=885R7FsojtC4slTPFWW9oYg4KSYJYZkDXT5ZbW5Pjr5ZPjDz%2B1gWpyPnte%2FYqrx0XgJMfpLKRuqL5RqwlDrKOnkSOgkQDpdOgDb4ftHjXy7Njgis4gRZHjmou96oj3bu1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d410caefb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/22.png

104.21.11.206

200 OK

7.7 kB

URL GET HTTP/3
ser.brstej.com/22.png
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
PNG image data, 154 x 76, 8-bit/color RGBA, non-interlaced
Size
7.7 kB (7706 bytes)
Hash
bba04f832ec75a54f0df60e15bd76e0d
b2c8684343114294ca02ac252726c4596658749d
34c392ae42fe121d86493cfec8be234970e65b27e2d6e954c6e4daa84f48e65f

HTTP Headers

GET /22.png HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: image/png
content-length: 7706
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:56 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emMhKF%2B88IiC2mcWEMmZ2ihVOTbXAlPkMwPXKkJdI%2FVaONfJNUpDt5hfO0XAS06dJKqeyO46F8qhrEhuYtAuqslQuHcqF2OOpPdXrIajLSbhTxYHTsO8ZoiShwi2hYJ%2FpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e795ab524-OSL
alt-svc: h3=":443"; ma=86400

woafoame.net/5/2617099

139.45.197.239

200 OK

93 kB

URL GET HTTP/2
woafoame.net/5/2617099
IP
139.45.197.239:443
ASN
#9002 RETN Limited

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectwoafoame.net
Fingerprint59:5A:04:5C:BB:18:BD:85:7E:4B:85:38:96:A9:A1:7E:76:F5:A1:42
ValiditySun, 18 Feb 2024 05:07:08 GMT - Sat, 18 May 2024 05:07:07 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
93 kB (92875 bytes)
Hash
a56330e35d3920ec87d77e9af5466b66
5ee41f27ed699ec0f8b4e6ff1cc88d78c491172f
1b584a27221a1719b3c8fd9d90bcbd9e61b41d3b2b3b772f64c6cb9bf70c3ca8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/2617099 HTTP/1.1
Host: woafoame.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: application/javascript
x-trace-id: dde342ce9edc7dc94cdf168b1758b059
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00804954fc894444f68d804eccbbac08; expires=Fri, 25 Apr 2025 22:39:19 GMT; path=/; secure; SameSite=None
oaidts=1714084759; expires=Fri, 25 Apr 2025 22:39:19 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

ser.brstej.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

104.21.11.206

200 OK

7.9 kB

URL GET HTTP/3
ser.brstej.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (7894), with no line terminators
Size
7.9 kB (7894 bytes)
Hash
c4b49a0eab8449c8a7c583bb375765c5
09faaf2deec3df17a65012709f1aeefc449e78d6
1b4fdac0b121610f807de96d35bede24567d38d6e3827329eee60f7f48a49dae

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
content-encoding: br
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLgGsVpm16ZR9uHEzcusldp3nDXN4HTfoML8dwYP4V%2BxPyafloxrAvISk0G9Jw%2FAA5mr%2Fq2jbUtBGlcS5AfWj0vQsVIo1EUGMb6Vzk%2BTmDP5SPGP6iJUsnzeuCra7xA8ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4128c0eb524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/

104.21.11.206

302 Found

974 kB

URL User Request GET HTTP/2
ser.brstej.com/
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type

Size
974 kB (974216 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: text/html; charset=UTF-8
location: /index_old.php
cache-control: max-age=2592000
expires: Sat, 18 May 2024 11:34:54 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rE9wb1g5x1dR5ABFWAwbRawUJ1bcCIF8OvYsAJra7NDLaxUTaqUG%2BRMGz%2FplkRjN59PFfsvWtWb0CxuaK8avRaVkmcXrk%2FGFyD8nny%2BBzpqCYIxJfQtsEigm%2BBe%2BkwZsDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d40b8fbf569c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ser.brstej.com/templates/echo/js/jquery.plugins.b.js

104.21.11.206

200 OK

9.1 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/jquery.plugins.b.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9411), with no line terminators
Size
9.1 kB (9131 bytes)
Hash
1b02a70cc7878be5b5b5452897fc60dc
21fab17c4e5f1732e9346c0a9bd9011fd1d75807
2db3190c81c530ff9b389c56d9d2f8038781b324d63e9ffaf08000872ae6446d

HTTP Headers

GET /templates/echo/js/jquery.plugins.b.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=9509
expires: Thu, 23 May 2024 11:29:57 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jEdqBkQxvSUTu5NTToJKCh9POnbpwIibpc70MeBmkhJ4diPpX3gxoQdz5AbYfQi4oKo%2FLVt9hdq2KnxIFd0HgiMwsMl%2FpOPGHXU%2BuI4P96PXsHwIriXUSJzRAbh4POMrMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4106acbb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/js/theme.js

104.21.11.206

200 OK

44 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/theme.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type

Size
44 kB (43639 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /templates/echo/js/theme.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=44718
expires: Thu, 23 May 2024 11:29:57 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fo6kKr42X1IFq1Iztmeo0gYkNpfqhe76AyGU%2BGjMbB29XZ16f9ti2gU5AvThU1rjDR%2B7KuIwVsld7XKMJ1GOL20qqHS2TLHT%2B9I9M9qj%2BLMuXxrggHczi7hn6i71aXNuIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d410baecb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.11.206

200 OK

12 kB

URL GET HTTP/3
ser.brstej.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 20:54:07 GMT
etag: W/"6622d9ef-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXRsTmqk%2F%2Bw35n2mM%2BOmDgY6SL5C3Trg2etEyaoCeCE2ySN0%2BGukzx7qNhuCk1ylq33eEG%2BmIXq5G9DSOx%2BkTi0RRpn3Bj3dQERWijGnK69j5S8l3SAuztvkDluIYKX6yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d40e9970b524-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 27 Apr 2024 22:39:18 GMT
cache-control: max-age=172800, public
content-encoding: gzip

ser.brstej.com/templates/echo/img/azpple-touch-icon.png

104.21.11.206

200 OK

4.2 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/img/azpple-touch-icon.png
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
PNG image data, 116 x 73, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4230 bytes)
Hash
a58528d8d31d299f452abb1d69198afd
e4d362e7891712b56d19d87eb697c9d800931a7b
51e49c12a7cacced200a901ff4c86db3257a4d307a98d320cdee69c3e1432951

HTTP Headers

GET /templates/echo/img/azpple-touch-icon.png HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: image/png
content-length: 4230
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Sat, 22 Jun 2024 11:29:57 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212852
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFlpegvcZqw1WLPVw6tdLdG2vE9jLY3iT9WB9%2F%2Fr7Ubk2bW1MD1muhVPbh2kGd0225om5SFNinLYaNdPOrOj8tu4lfJSGGfbkKxpaFK0MZSG8Geumch%2FkgL8KMW9QDHQAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d4127c09b524-OSL
alt-svc: h3=":443"; ma=86400

ser.brstej.com/js/bootstrap-notify.min.js

104.21.11.206

200 OK

8.2 kB

URL GET HTTP/3
ser.brstej.com/js/bootstrap-notify.min.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (8540), with no line terminators
Size
8.2 kB (8216 bytes)
Hash
d0084824fa4041e8ec98bf9d11d6d9e6
511e08759bed4b71d75fc3d6929918e7ab1dc6eb
06365f15c222c6cd5751f5b1c027be557898324121b4708bec2a51c03a77ed2c

HTTP Headers

GET /js/bootstrap-notify.min.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Thu, 23 May 2024 11:29:57 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDT4iq9P2wKVYd%2FaTvx078jN5Ydpq0DdJE026rw1GTwdaIJIjw73ljGVquunVqzB9GGBWbGg8%2B4LbCBVjHSBVbhqBd%2B%2B0635d2lC8%2BxyamsOrf6VWM1rNL8UZ2LJyjI%2B3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4107ad3b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/ajax.php?p=stats&do=show&aid=904&at=1

104.21.11.206

200 OK

0 B

URL GET HTTP/3
ser.brstej.com/ajax.php?p=stats&do=show&aid=904&at=1
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ajax.php?p=stats&do=show&aid=904&at=1 HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:18 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=2592000
expires: Sat, 25 May 2024 22:39:18 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78R%2Flx6YHtXX0hlGnW2rT1zEQMQBbk%2FvcUWWgIYTVC6Csw7bdY5Jo7opYpXmhaFHDE5KCr%2BFh9EnIh8Pgd%2FPu7EH2p9M0AgA47n00Poo%2BHOkwOKpGH96oC9jJl%2BTUTvaXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d40e996eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

atshroomisha.com/pfe/current/micro.tag.min.js?z=7368298&sw=/sw-check-permissions.js

139.45.197.251

200 OK

37 kB

URL GET HTTP/2
atshroomisha.com/pfe/current/micro.tag.min.js?z=7368298&sw=/sw-check-permissions.js
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectatshroomisha.com
FingerprintB9:4D:54:C5:60:D9:6A:D5:C3:86:C2:DF:96:EF:51:52:C6:88:E5:A0
ValidityWed, 14 Feb 2024 05:06:40 GMT - Tue, 14 May 2024 05:06:39 GMT

File type
JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Size
37 kB (37142 bytes)
Hash
32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=7368298&sw=/sw-check-permissions.js HTTP/1.1
Host: atshroomisha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:53 GMT
etag: W/"662a3515-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

ser.brstej.com/templates/echo/js/jquery.readmore.js

104.21.11.206

200 OK

3.4 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/jquery.readmore.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (3525), with no line terminators
Size
3.4 kB (3399 bytes)
Hash
c6979ecdd1afd6a79e4c9d8b62bfd064
e5e8f421833447bee665616bfc9fda7bc705d78f
8ba9cdb40fceabda5c5ad2269d4546003256e4c0a770687343cee216fe267cb0

HTTP Headers

GET /templates/echo/js/jquery.readmore.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=3422
expires: Thu, 23 May 2024 11:29:56 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SxyBTMvovGnjAUn4HSe0NTUr2h8Tv%2FjVgkz77XdU9UDCm7C3ARU1cbkiKJWMpNe19WiyZksWorAA5zRVfII%2BFpZ%2BPJ6dF7GGCbSI47yCV%2FT45ADMiSZh8MCWKUwCOLAb8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4106acab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/js/melody.dev.js

104.21.11.206

200 OK

16 kB

URL GET HTTP/3
ser.brstej.com/js/melody.dev.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (2302)
Size
16 kB (15865 bytes)
Hash
f2bf056198be59f92547935fd4c968f0
cba85174a3d6d68fcff3a2e6238f1d6150b58fce
244926b75ad193faf7a694c602d5819576e2d953dc43849395dedfa841f5ea53

HTTP Headers

GET /js/melody.dev.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=23108
expires: Thu, 23 May 2024 11:29:56 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vihnOcwbpB2coqX47ekjqZUhF72CsBNC0On4oqdHZvGS5PpYwaPe3ugDhcUVb%2BFgn2KWt0ySHVRwlzG89mp2xN10AbGafxmvRGeM4SzFyupXx5e%2BTkV4HTxbKfd0CQE2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4107ad2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/css/fonts/Droid.Arabic.Kufi.ttf

104.21.11.206

200 OK

82 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/css/fonts/Droid.Arabic.Kufi.ttf
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 15 names, Microsoft, language 0x409, Digitized data copyright � 2010, Google Corporation.RegularDroid Arabic Kufi:Version 1.00Version
Size
82 kB (81544 bytes)
Hash
a0c3e1769ab6afabe688540dfa7047cd
d50de62714d47f0175a0468ce3693358b87fb286
31c6665135ae41b092153cd6480be82fad706ca9bd465784be70c00b8643308d

HTTP Headers

GET /templates/echo/css/fonts/Droid.Arabic.Kufi.ttf HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: font/ttf
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
access-control-allow-origin: *
expires: Sat, 22 Jun 2024 11:29:58 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVkQ9%2F5VBTVB0%2BanCA71dLL0O3om4X99ODNO3khWqjYt7T1GDyNbHxOveEuHsWXm0JnP%2B%2BCr6XaaiAkEJfTW1ebnBhDkfA8ga0CTQqwpoPcfUxZQHIiH%2Bn18RGsF4FA3gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a1d4101a81b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/js/jasny-bootstrap.min.js

104.21.11.206

200 OK

20 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/jasny-bootstrap.min.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (343)
Size
20 kB (20042 bytes)
Hash
f6b6e524d29d54ada53e4172b9d91cf7
427153c7a2d83d2ca800e397779f29b857801ad2
e7ad856551c720cb7c6a24a8bf4a9d6b6b24c24f07109cde96366338e53a4ff8

HTTP Headers

GET /templates/echo/js/jasny-bootstrap.min.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
expires: Thu, 23 May 2024 11:29:56 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OdDasrHc%2B5ah1nCcPCdTnm6zCyv762YAqhFY7yorekXHcWSuXMNgs9mnKbvNgAu9UNj6cw023QhzPPUQ%2FPQWkuhnCUh%2BTsKppr6VjF8OEtRIQeZxwqN2sPl7JQO4kF1a4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4107acdb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/js/jquery.plugins.a.js

104.21.11.206

200 OK

9.5 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/jquery.plugins.a.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (9736), with no line terminators
Size
9.5 kB (9490 bytes)
Hash
4983c6c466a34742eab06d54aa11c249
4f14efc4cbf9f23228dea8e955bd14247111d5df
6f05eefe0dec7b5f620b6af01a87efeb1d59dd64f912abb4bbd7468b314d0a26

HTTP Headers

GET /templates/echo/js/jquery.plugins.a.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=9792
expires: Thu, 23 May 2024 11:29:56 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6k9Fs1Q2fnivzRnlj7hBtfnEJaqn92dJiDPO0rt4IXBLL%2BmwaVE%2FYeLe%2FfCwDBK5ib6OsTQIWIHjHIN8OdZz4i7P0CsTGhJo64UEAaDN45%2BE0L9kLKBtpOH%2FPZPnyAfGZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4107ad9b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ser.brstej.com/templates/echo/js/melody.dev.js

104.21.11.206

200 OK

5.5 kB

URL GET HTTP/3
ser.brstej.com/templates/echo/js/melody.dev.js
IP
104.21.11.206:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ser.brstej.com/ind6
Certificate
IssuerLet's Encrypt
Subjectbrstej.com
Fingerprint18:22:30:20:2F:43:FD:DC:13:D4:E0:5D:58:89:C3:BD:8C:9A:BE:09
ValidityMon, 18 Mar 2024 21:50:07 GMT - Sun, 16 Jun 2024 21:50:06 GMT

File type
JavaScript source, ASCII text, with very long lines (5563), with no line terminators
Size
5.5 kB (5480 bytes)
Hash
b9e7f1086ce052fb015b62ba9b802cc8
028189983cce5f22f346b9f9a944ee97eb19e9bd
b437704f63a38076015a3c20504d59e6fd292e14e7267eec35715621c05c36a9

HTTP Headers

GET /templates/echo/js/melody.dev.js HTTP/1.1
Host: ser.brstej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ser.brstej.com/ind6
Cookie: PHPSESSID=5b318d4ca54d8d5d067ddbcec28db241
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 22:39:19 GMT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=7677
expires: Thu, 23 May 2024 11:29:56 GMT
last-modified: Tue, 20 Jan 2037 04:20:42 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 212855
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c8oIG8MfPT%2BOtSl04YFB4d75mObkgs35MWfjEXoyApE%2F0dbSZT9FpDhVZY8u5XQo72%2FGxVm%2BZ%2BbzLyFRrOmI%2FTXlxwCdl8tg9P22KyzjyVtGJgFiurEdfqd7BdNa5C%2F9YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a1d4107aceb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (40)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/3

IP

ASN