Report - cerfoben.xyz/1/7.html

Report Overview

Submitted URL
cerfoben.xyz/1/7.html
IP
45.141.156.111
ASN
#206776 Ophidian Network Limited
Submitted
2024-04-24 08:43:22
Access
public
Website Title
CCleaner
Final URL
cerfoben.xyz/1/7.html
Tags
fake_software scam
urlquery detections
Scam - Fake AntiVirus / Security software

Detections

urlquery
10
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-23	1.1 kB	7.3 kB	142.250.74.35
translate-pa.googleapis.com	1620	2005-01-25	2021-11-04	2024-04-23	526 B	2.2 kB	142.250.74.106
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-24	486 B	11 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-23	2.6 kB	200 kB	216.58.207.227
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-04-22	1.8 kB	174 kB	104.21.27.152
threatdetect.org	unknown	2022-01-28	2022-01-28	2024-03-24	466 B	13 kB	172.67.177.232
translate.google.com	1156	1997-09-15	2012-05-30	2024-04-23	444 B	32 kB	142.250.74.142
translate.googleapis.com	1005	2005-01-25	2012-05-31	2024-04-24	1.7 kB	75 kB	142.250.74.106
cerfoben.xyz	unknown	unknown	No data	No data	7.6 kB	109 kB	45.141.156.111
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-23	427 B	32 kB	142.250.74.170

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed
2024-04-24	medium	cerfoben.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	use.fontawesome.com/f182237388.js	9.5 kB	2023-03-08	2024-05-05
Pretty URL use.fontawesome.com/f182237388.js IP 104.21.27.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:08:25 Last Seen2024-05-05 20:28:09 Times Seen181 Hash 642925e489914ab3dd425cb843636667 b1e9f31c4ef9543e82467d88db7b63933cd67556 5fc81f26f3ae5cce9fffb7bf98e91a71210defe0a685ba8eff16ce863524a131 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-06
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-06 00:11:33 Times Seen141646 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cerfoben.xyz/1/src/script/myjs.js	28 kB	2024-04-24	2024-04-24
Pretty URL cerfoben.xyz/1/src/script/myjs.js IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:43:29 Last Seen2024-04-24 10:43:29 Times Seen1 Hash ff44db84e0dd5c2e907af55359dd7cdc e77fdb3c15eb7ba6205b2a0c96ed3627e56d7dff 5cafccbd7b59af75e2bd24f210d7434a215383a633d5b5e698c5f4538d47fea0 Loading...

	cerfoben.xyz/1/7.html	38 B	2023-10-31	2024-05-05
Pretty URL cerfoben.xyz/1/7.html IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-31 06:51:57 Last Seen2024-05-05 20:28:09 Times Seen108 Hash 518779926bc5658ade8df84ea2f8b0e9 197b9ce340aae95551312b3ca7d41902e8c1ca53 854037d3c6e773ef2e0a8dc82efd78c0d9bca0bdbb62a92fb324c12e831cb16b Loading...

	cerfoben.xyz/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=wA/d=1/rs=AN8SPfqgs5B2z4NXPNgxvW-mvf_WtlMJyg/m=el_conf	90 kB	2024-04-24	2024-04-24
Pretty URL cerfoben.xyz/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=wA/d=1/rs=AN8SPfqgs5B2z4NXPNgxvW-mvf_WtlMJyg/m=el_conf IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:43:29 Last Seen2024-04-24 10:43:29 Times Seen1 Hash 63cb191f4af5277b6844ebaf9ed478dd fce2b1b49273f49e5db9072b1df1b39a8343f84f 4ada955dfbd5bfc3571b79737fad8c97f13933b053818f76f5a88c6c350d3368 Loading...

	cerfoben.xyz/1/src/script/smart.js	2.2 kB	2023-03-07	2024-05-05
Pretty URL cerfoben.xyz/1/src/script/smart.js IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-05 20:28:09 Times Seen687 Hash c9e9a54501fc6f6e8918b2c0f2a53981 3d530e6c830ccba6284e79c7245bb45d6f4f2197 491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454 Loading...

	cerfoben.xyz/1/src/script/lang.js	1.2 kB	2023-03-07	2024-05-05
Pretty URL cerfoben.xyz/1/src/script/lang.js IP 45.141.156.111 ASN #206776 Ophidian Network Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-05-05 20:28:09 Times Seen740 Hash fcd546809170dd574eb37b989529f69a 2e227e144e3b4bd68064354d8a7fbc61125f624c 350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920 Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main	212 kB	2024-04-23	2024-04-24
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 20:52:05 Last Seen2024-04-24 21:08:14 Times Seen34 Hash b78a598053844b5ae2d3c1d98851d54a f75001b57e8d501345f9f6a24bb05b4da381022d c1e457211fafb84677e66e20fa411e5d6875dfced5e2e8727615589aa3434d02 Loading...

HTTP Transactions (36)

URL IP Response Size

cerfoben.xyz/1/src/images/logo.png

45.141.156.111

200 OK

10 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/logo.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 200 x 52, 8-bit/color RGBA, non-interlaced
Size
10 kB (10480 bytes)
Hash
091c90c4476a57c0ddaf5a0c0a28925a
8c92fa755f306ffb916dbc3e991b0057fa1a2b1d
c017c2f665768f7a39ff4e2a2dcc17f8f80870e85fe9c0fafe397dc99fbc173d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/logo.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 10480
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-28f0"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/icon.png

45.141.156.111

200 OK

12 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/icon.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 100 x 93, 8-bit/color RGBA, non-interlaced
Size
12 kB (12360 bytes)
Hash
52fece9e01ad7fdbdea864d7092fd592
1a63089799dccbfdb0a8340dd6212c8f2b437973
b22521c678565b857620062908125f70c4e25b31ecfdcaed6ae0335b3655a062

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/icon.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 12360
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-3048"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/icon_1.png

45.141.156.111

200 OK

1.1 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/icon_1.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1137 bytes)
Hash
d4d69630de198f952456bd95946cff99
63666fc0c400af0789069bcf8fb5ec3092e3c7b5
3bc79b2b43c6496e7be7ea2cc22838c9e14bd7d4ab27d049d8a01a6423607e87

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/icon_1.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 1137
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-471"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/icon_2.png

45.141.156.111

200 OK

2.4 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/icon_2.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2431 bytes)
Hash
fd22397dfe5d6d7349164ce82847fd53
dcc678c0c3c6d91d88b021081f280377fa65ee01
3c6902c5acb08e21fef1afb46bcf770245b6b942f0613d8063a5032065c4d317

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/icon_2.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 2431
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-97f"
accept-ranges: bytes
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 09:56:44 GMT
expires: Wed, 23 Apr 2025 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 81972
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/together.png

45.141.156.111

200 OK

10 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/together.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 200 x 52, 8-bit/color RGBA, non-interlaced
Size
10 kB (10446 bytes)
Hash
d118bdbda92da73610b55b0c4a106703
a13b7367ed0e4ef481961e0f008cd566e1c6384a
81f7be75fe38bfde828e7d07d9bec3e71fbba6051aec121d394dd126d5947381

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/together.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 10446
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-28ce"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/atten.png

45.141.156.111

200 OK

2.5 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/atten.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 100 x 89, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2453 bytes)
Hash
73ee5f5a65419cdae683e3ce557667c5
c63479fd67f9bcf0ff867e518ed12dbb223929fb
beaf85377ddd403e8beb6772e27ef87608e0da79d09e3080798c339d9b822135

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/atten.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 2453
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-995"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/icon_3.png

45.141.156.111

200 OK

1.0 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/icon_3.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.0 kB (1010 bytes)
Hash
118f0c5583f13e7f2e42ac3c34d54a4a
aca14f746b4889df053494c8fa043f8a4b22a511
746872277e95c813f0720fb138d445af664d09b0e9968bb2dfc453a4f30f75da

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/icon_3.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 1010
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-3f2"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/icon_4.png

45.141.156.111

200 OK

1.3 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/icon_4.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1288 bytes)
Hash
d4ce6e3f44d5ddcc50f3f1e88107b886
1b1969cff7e88bce4b1196551d6a44bef0ef6dcf
2d21436c30be8369abd4dcbf6b26d1c5d9db2f039c398d5c8aeba3db93d7d7a5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/icon_4.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/png
content-length: 1288
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-508"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/action_1.gif

45.141.156.111

200 OK

1.1 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/action_1.gif
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
GIF image data, version 89a, 16 x 16
Size
1.1 kB (1125 bytes)
Hash
43a246e3403a1f973bf654aeb9577c96
0f8f2ce4658de33a21c569ad1eff628234a1ece1
08c54845cddc1d149dfcc2ec4c1cb554cdc618eaef67d7fb809540ac70f5df53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/action_1.gif HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/gif
content-length: 1125
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-465"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/action_2.gif

45.141.156.111

200 OK

377 B

URL GET HTTP/2
cerfoben.xyz/1/src/images/action_2.gif
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
GIF image data, version 89a, 16 x 16
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/action_2.gif HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/gif
content-length: 377
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-179"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/action_3.gif

45.141.156.111

200 OK

234 B

URL GET HTTP/2
cerfoben.xyz/1/src/images/action_3.gif
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
GIF image data, version 89a, 16 x 16
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/action_3.gif HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: image/gif
content-length: 234
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
etag: "65d7bdd6-ea"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/styles/default.css

45.141.156.111

200 OK

2.9 kB

URL GET HTTP/2
cerfoben.xyz/1/src/styles/default.css
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
gzip compressed data, from Unix
Size
2.9 kB (2883 bytes)
Hash
118a7e5071db3a28b54a8414ce92cf85
df837ff6025281b8b66da65e562c59d0696f2d61
0262581edd4b920ca644b801e0b2c56d2f2d903b8e950e6c731e8c36127ce210

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/styles/default.css HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: text/css
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-2574"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 540477
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

threatdetect.org/fonts/?font=aHR0cHM6Ly9jZXJmb2Jlbi54eXovMS83Lmh0bWw=

172.67.177.232

200 OK

12 kB

URL GET HTTP/2
threatdetect.org/fonts/?font=aHR0cHM6Ly9jZXJmb2Jlbi54eXovMS83Lmh0bWw=
IP
172.67.177.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectthreatdetect.org
FingerprintF6:23:B8:9E:08:03:83:36:F4:82:1C:31:29:E6:F5:FC:ED:66:02:14
ValidityThu, 18 Apr 2024 10:28:31 GMT - Wed, 17 Jul 2024 10:28:30 GMT

File type
data
Size
12 kB (12374 bytes)
Hash
e3011bd17ad8adb495fe66782d6f4001
a07d01543de2b118c64b1faf8b173ba18d5d0a7f
2699e5491e9fb3ff610533b80b2d8b0174e87a55ff05f08704705e75fd496201

HTTP Headers

GET /fonts/?font=aHR0cHM6Ly9jZXJmb2Jlbi54eXovMS83Lmh0bWw= HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5F0OAKvdbnhz7sLjTzvzqtB44OQFhseSYeZQNBQyVza5MkQ0P9cOW6QNynqQna9f2Sg39effShcyLaOoV26fMtMQmcGcN1UaabOLj0avb%2BgXs5BhU1hsnrX8%2Bt0uRDS5%2FCjp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8b0922569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css

104.21.27.152

200 OK

84 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30343)
Size
84 kB (83915 bytes)
Hash
36082410df2ef7f83932219089dc1443
7961402d7d01e19387fe609a38454b0bc8c6cca4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

HTTP Headers

GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/f182237388.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2505115
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twTMOur2s76uiZacTG4B8ZlLYqBEQSRKeWh%2BQzwT%2BbwA5Al4ljiFR%2FSx58YgyTeOkPPsjktjpMReXBvH6eYlRHW4y5wOZyDjqyNXutlU6xw0Z7CEEUSmnhG2qCWmjevoHju0oyw8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8b6e010afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

142.250.74.142

200 OK

32 kB

URL GET HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D
ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT

File type
gzip compressed data, max compression
Size
32 kB (31500 bytes)
Hash
ef3262eac29d12e158328a9fe660d255
50e9380c6c1c030e4b8527a0ea98171800642215
df1b20b879d09cd387b22322c6288db99bed7c76aa751a3869394710140b741f

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 08:42:57 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css

142.250.74.35

200 OK

4.0 kB

URL GET HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
ASCII text, with very long lines (20367), with no line terminators
Size
4.0 kB (3960 bytes)
Hash
72d3a735ccca1027f6b3afba2c93e3a7
67f8eff8d17334c59c28fc1753bf451527c7490d
c8c845f55e2346b89894ce0df8185ee182359e096bf29987d5cf1f8a7391bef1

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:44:30 GMT
expires: Fri, 18 Apr 2025 02:44:30 GMT
cache-control: public, max-age=31536000
age: 539907
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main

142.250.74.106

200 OK

73 kB

URL GET HTTP/3
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (2308)
Size
73 kB (73076 bytes)
Hash
b78a598053844b5ae2d3c1d98851d54a
f75001b57e8d501345f9f6a24bb05b4da381022d
c1e457211fafb84677e66e20fa411e5d6875dfced5e2e8727615589aa3434d02

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.rAQgPhmzeTE.O/am=AAQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpElKtW5uNqS2LmP6f0mFEPK7-RPw/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 73076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 17:35:04 GMT
expires: Wed, 23 Apr 2025 17:35:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:10:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

216.58.207.227

200 OK

3.3 kB

URL GET HTTP/3
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3340 bytes)
Hash
2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

HTTP Headers

GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 Apr 2024 18:58:28 GMT
expires: Mon, 21 Apr 2025 18:58:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 222269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.TpYxICw8iG4.L.F4.O/am=wA/d=0/rs=AN8SPfpVjmduEbJeaKDPJmqpx8swJVpW8A/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 20:51:29 GMT
expires: Wed, 23 Apr 2025 20:51:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 42688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback

142.250.74.106

1.4 kB

URL
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text
Size
1.4 kB (1392 bytes)
Hash
a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067

HTTP Headers

GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 24 Apr 2024 08:42:58 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=513=PYlEx4RmWuGz34gPNfsDcQtxZnuGKNFbxJ4Xa-iGuoI1--OnaA5eYrgBZ4_tzIv4OYkX62DFwaWAz-hZXGrDEXGjYUghSdRIw7TNw0ozJpHKq6NTIR_AXkmdVHdKqDpip946JYi0OXg9nTf4e9pYX0SV1AnaNz0eEoYfLHWMVHs; expires=Thu, 24-Oct-2024 08:42:58 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
expires: Wed, 24 Apr 2024 08:42:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap

142.250.74.106

200 OK

10 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
10 kB (10371 bytes)
Hash
436785b99c2c2813bdecf4bf6a18016b
6516d58ec9bcd4c5f2f33889f4fe37a02306c581
fc32ec2258477241513378cbd3fe796f4123d1e94fd1ea5343be06136f2b0f89

HTTP Headers

GET /css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 08:42:56 GMT
date: Wed, 24 Apr 2024 08:42:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.106

200 OK

0 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://cerfoben.xyz/
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://cerfoben.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Wed, 24 Apr 2024 08:43:07 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0

142.250.74.106

200 OK

131 B

URL POST HTTP/3
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JSON text data
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cerfoben.xyz/
X-Goog-AuthUser: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1178
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
access-control-allow-origin: https://cerfoben.xyz
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Wed, 24 Apr 2024 08:43:08 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cerfoben.xyz/1/src/script/myjs.js

45.141.156.111

200 OK

28 kB

URL GET HTTP/2
cerfoben.xyz/1/src/script/myjs.js
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type

Size
28 kB (28302 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/script/myjs.js HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-6e8e"
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/f182237388.css

104.21.27.152

200 OK

1.0 kB

URL GET HTTP/2
use.fontawesome.com/f182237388.css
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1054), with no line terminators
Size
1.0 kB (1033 bytes)
Hash
38ab6981f2d275f63d6a5e13e551e2ae
fed5822d1194a5965a5012005fa4dafd5be9ae2e
b029b512b28b1f42efe25a07a756b0d6bd97a071e0845129c8fae7fe288c18a8

HTTP Headers

GET /f182237388.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: text/css
etag: W/"c34c69a9993e345a33d3899b6f063f04"
last-modified: Fri, 22 Sep 2023 01:40:27 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzjBFh3T0mXNizJPLiyQUDEh81zDTJYgPQ%2B2L9NdzxyNei08OtRQb%2FvBvhq0Nd2ELhT%2BDBmDSh3p6Pg3Y%2FeFjw59CMhC7DQa8gI6VvIhglnLi9SHaIYm1gfK7TYuQKrXtGw7n4dy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8adda50afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/script/smart.js

45.141.156.111

200 OK

2.2 kB

URL GET HTTP/2
cerfoben.xyz/1/src/script/smart.js
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
JavaScript source, ASCII text, with very long lines (2304), with no line terminators
Size
2.2 kB (2198 bytes)
Hash
79218c8e4d6b9589da61b4daddd1d721
c8bdf2b44db9327ac24f0d02e2aa0bfc69097ab5
db4e31aaf6f2022d9cd8c052537ee237b0b69cd49ab27d6d29913bf401b1ea5a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/script/smart.js HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-896"
content-encoding: gzip
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/script/lang.js

45.141.156.111

200 OK

1.2 kB

URL GET HTTP/2
cerfoben.xyz/1/src/script/lang.js
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1223), with no line terminators
Size
1.2 kB (1157 bytes)
Hash
00d68d5fcbe959205761ae2eb92bda5a
e70670eba70fd9428d8ee7d8acacea623bd72d4f
994454fb2f960994c4f0721e63734138eb06498b18f1236e39d4c66de579b054

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/script/lang.js HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-485"
content-encoding: gzip
X-Firefox-Spdy: h2

cerfoben.xyz/1/src/images/favicon.png

45.141.156.111

200 OK

12 kB

URL GET HTTP/2
cerfoben.xyz/1/src/images/favicon.png
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (12373 bytes)
Hash
a8bcc7014fe22c103dab669d3965e0da
a0112cc92a8581d13108f5dabe4da78e278d7504
3e69c9d5ec6baf33f208f71e44814f58f8b85d903c7988d1074895e63fd3b2a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/src/images/favicon.png HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/1/7.html
Cookie: GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: image/png
content-length: 12373
last-modified: Thu, 22 Feb 2024 21:34:15 GMT
etag: "65d7bdd7-3055"
accept-ranges: bytes
X-Firefox-Spdy: h2

cerfoben.xyz/1/7.html

45.141.156.111

200 OK

15 kB

URL User Request GET HTTP/2
cerfoben.xyz/1/7.html
IP
45.141.156.111:443
ASN
#206776 Ophidian Network Limited

Certificate
IssuerLet's Encrypt
Subjectcerfoben.xyz
FingerprintCF:ED:E9:F3:64:5F:81:21:42:4C:D6:5F:1B:59:DF:CB:A1:12:F4:A5
ValidityThu, 28 Mar 2024 11:27:52 GMT - Wed, 26 Jun 2024 11:27:51 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
15 kB (15036 bytes)
Hash
c6ccdd4d37f89172683c464c14796cb4
62dc901e955418a67bcce640fc93b8579bd68862
00aa0db73faa2b6ddfd0aee7a9c9ca7d05c687448b5f1ecf1c94919d945c961e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1/7.html HTTP/1.1
Host: cerfoben.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: text/html
last-modified: Thu, 22 Feb 2024 21:34:14 GMT
vary: Accept-Encoding
etag: W/"65d7bdd6-3abc"
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/f182237388.js

104.21.27.152

200 OK

9.5 kB

URL GET HTTP/2
use.fontawesome.com/f182237388.js
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9731), with no line terminators
Size
9.5 kB (9496 bytes)
Hash
2cacb88151a513dc4eaf4bde78faff7b
a4c63129b001af45bd8c1e60a462a87edd9be8e9
2cfdf34668c0492fe9303c1210943aa7f4a5353e4674812bb96c79542802ebf7

HTTP Headers

GET /f182237388.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cerfoben.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:56 GMT
content-type: text/javascript
etag: W/"642925e489914ab3dd425cb843636667"
last-modified: Fri, 22 Sep 2023 01:40:28 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zG4wWzQDHGcOB3kS9UV2AKjNFl%2BRM7F7w%2F3YzsfcuODE0ZAVviZsTsJvUFrTgjZ23quDDoe5mQJoMyEmrbMhsjHbxmQ6POFwAdG3hG3ZuXVgXYbr87BnaQp5qShBsB5aPwyxm2Yu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd897cdb0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2

104.21.27.152

200 OK

77 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cerfoben.xyz/1/7.html
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cerfoben.xyz
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 08:42:57 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRd9%2F3bWUXkNCeKStL56IFY1L1A5yYCfhDeuppUS0WffJ0NjdjFmoVDbDN97uK%2BWhONUdba4WDZJ1%2FWL7l2fRPyPa1YBhmSEFkX2Q3F1de9H9AsW%2B69VhWO8is8PP0CmK%2F17YSI3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8794cd8cbec00afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML