| tokenlogger.zip/ | 172.67.175.24 | | 0 B |
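IP: 172.67.175.24:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, consistent with the 0 B redirect body, so they identify nothing specific to this site)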
GET / HTTP/1.1
Host: tokenlogger.zip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 25 Apr 2024 23:12:50 GMT
content-length: 0
location: https://nest.rip/?ref=viewer
x-cache-status: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NiMVb0JNfmu%2FbTSYFjBEm0pykY%2BSFD3SOivbreXlMELaw0Dmh0waX%2Bacjg0CuYXTrQhZQ0FjbKMe97ktWbLti37werGkuNdVwpTanZdhtx5JBlj9WLcbDGu%2BedQPr8Rqwbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a2052baf43b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| o1377474.ingest.sentry.io/api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0 | 34.120.195.249 | | 2 B |
URL: o1377474.ingest.sentry.io/api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0
IP: 34.120.195.249:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Hash (of the 2 B response body): MD5 99914b932bd37a50b983c5e7c90ae93b | SHA-1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f | SHA-256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/6716465/envelope/?sentry_key=d1b0aef14a634ea48678ded634fc3103&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.86.0 HTTP/1.1
Host: o1377474.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nest.rip/
Content-Type: text/plain;charset=UTF-8
Content-Length: 429
Origin: https://nest.rip
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nest.rip/apple-touch-icon.png | 188.114.97.1 | | 1.6 kB |
URL: nest.rip/apple-touch-icon.png
IP: 188.114.97.1:0
File type: PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Hash: MD5 c647b64982049b98716b0b868db6ee36 | SHA-1 7c17e563226934db73b7072af903dde4f44a6a1c | SHA-256 4f8ed7ffc57e043e38685071d27fffcc567504bf47f7bedc7d77973388a6d013
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the hostname; it says nothing about the content of this particular file)
GET /apple-touch-icon.png HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 1607
cache-control: public, max-age=0
last-modified: Sun, 04 Feb 2024 16:10:53 GMT
etag: W/"647-18d74e30de9"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHjUG6yjuGQ%2BedWbdlyKkJpLHP1%2Fd8OFMF8JWGHRp31hK5eAACE15q%2BqBU1WIfnj1M6xVNB%2BhDKgLq8B3WI3bfwsKqT58WGXmfqyIHWh0ZGrJmdGsTnBTX2eLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a205316a0056c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nest.rip/favicon-16x16.png | 188.114.97.1 | | 271 B |
URL: nest.rip/favicon-16x16.png
IP: 188.114.97.1:0
File type: PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Hash: MD5 81c32654b68b2a30004d4e0fca7272f7 | SHA-1 64d7fd882612bc81387ae45b41d60a0c3116390d | SHA-256 14ef296d4813bf0015d77552aed18d146a8b84b8c208fed2a9394c986d3b381c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon-16x16.png HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 271
cache-control: public, max-age=0
last-modified: Sun, 04 Feb 2024 16:10:53 GMT
etag: W/"10f-18d74e30ded"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cpYqN1ipQqDpIoupgkQfzdbfCZRqfWgXWrbf26AT2%2FwWDbT%2BqGuWFXoJsTP7lI8f6VxaCqmp1iwAsPs5p25I5zGBo6MS9SLQlSpoL8gswcVKASylZAHm1AtUog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a205316a0156c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/66d80fea-cb4c-4b36-ab7b-056cc1822797.png | 188.114.97.1 | | 31 kB |
URL: cdn.nest.rip/avatars/66d80fea-cb4c-4b36-ab7b-056cc1822797.png
IP: 188.114.97.1:0
File type: PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Hash: MD5 b709e245740fb840db9cd5cdd3602995 | SHA-1 d8377ccaf2ded90bec922976f879c88d907efab9 | SHA-256 ba879587a764bc8c5637c2280cc92e20adb86bcfef727a60994854c8515f7a6c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/66d80fea-cb4c-4b36-ab7b-056cc1822797.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 30734
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "b709e245740fb840db9cd5cdd3602995"
last-modified: Thu, 14 Jul 2022 17:36:53 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17BF0883B0C28B6D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 1c285b7a-bca6-41d9-b913-674f8fb824ec
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHGsqrgUTch9oogX2%2FvNzcmHcE7uqaQqnI0sAa5dv60kuUeYFTUt482kkkK3%2FhaGD8dJ%2BQW4yuBfLMszDLHtDMWn5ZrXRKPptHqBICd8f7HzUhet0wtnTqvTNzu4z2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205322a5f56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/24a2805c-f433-4531-9c17-53d078807656.png | 188.114.97.1 | | 2.9 kB |
URL: cdn.nest.rip/avatars/24a2805c-f433-4531-9c17-53d078807656.png
IP: 188.114.97.1:0
File type: PNG image data, 400 x 400, 8-bit colormap, non-interlaced
Hash: MD5 772aa709423494dba2e436c8df1fe643 | SHA-1 c89753dd9d4eaca510eedac17cd0e485b8cca17f | SHA-256 6d34bedb72ec3f2dc15085747d365fbb3f34319d5b549a8776438b92853344b6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/24a2805c-f433-4531-9c17-53d078807656.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 2872
content-disposition: filename="default_profile_400x400.png"
content-security-policy: block-all-mixed-content
etag: "772aa709423494dba2e436c8df1fe643"
last-modified: Mon, 03 Oct 2022 12:50:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B71238A40C46
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: f9ed1e55-789c-437f-bcd2-412fc16d78e8
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0D5t0V8cevKfi3yHh%2BpAnCtfm4qFtxJgQjO8dvmPq8wXzxggtqcBWyxD2ycdKDL8%2F116YsZmwjKzEivRNsg1YUNb7YB8XJfgJ45mxPtUq%2BJ0aEMeFTyHS4S9am2%2By0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205322a6156c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/98439ff6-7c76-4637-a046-971e1d21dde1.png | 188.114.97.1 | | 32 kB |
URL: cdn.nest.rip/avatars/98439ff6-7c76-4637-a046-971e1d21dde1.png
IP: 188.114.97.1:0
File type: PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced
Hash: MD5 a31952ee54dc91c8b1f37831b2b92233 | SHA-1 0e892163bd01072623145a5d089bdf9f5fc8d8eb | SHA-256 25f9381191306907079105428fe0fbd4814dd8f2687ee11fc4315a40175269c4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/98439ff6-7c76-4637-a046-971e1d21dde1.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 31609
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "a31952ee54dc91c8b1f37831b2b92233"
last-modified: Mon, 11 Dec 2023 09:17:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17C7BD381068CB7D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: e83f2ecf-fc18-4a36-b735-2d9c69626d0f
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1GXMCcQHa0WvhXqnVIyHwOhneodq5blVrOLOjin9HnAujh8tiFn1GaKGxUdheug3oo90Gamxv3BzCdp5ekHJp%2BMDOtMJ%2Bhkw67JVAq8XrlBXdZ2EtR8wnDgnpG0vW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205322a6656c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/78309afe-e866-4a29-b5c3-5da0c1e0a586.png | 188.114.97.1 | | 25 kB |
URL: cdn.nest.rip/avatars/78309afe-e866-4a29-b5c3-5da0c1e0a586.png
IP: 188.114.97.1:0
File type: GIF image data, version 89a, 128 x 128 (detected from content; the URL extension and the content-disposition filename say .png, while the response content-type is image/gif)
Hash: MD5 97df7f98d3bd8e15d415f21d9a275a85 | SHA-1 8ab47011f4de3132cae7a2cb42a6d53f6739321a | SHA-256 a6c0136843c9f3092cb69f953a30e19d0f8f226805fa836c1f4277874429b27b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/78309afe-e866-4a29-b5c3-5da0c1e0a586.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/gif
content-length: 24949
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "97df7f98d3bd8e15d415f21d9a275a85"
last-modified: Fri, 16 Feb 2024 03:06:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B438F5A0DE6AE1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: e6220932-4896-4a76-b7b4-bdde1435f5ab
drive: SSD
x-cache-status: MISS
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08Fh7tAbZlJ7orTt5Q17r%2FhnNcOEns85VghOZrYI7qdp%2FdFf4stHz6y24MpIsKNMjP3FY0Wc0sA566BOlGRgkLOUQRvCsq2mNcb4C9nO%2FG6AvHGI8zQX7zEZOWg7b6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205322a6256c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/80436425-804b-4a3a-8b6d-1c983a57571e.jpg | 188.114.97.1 | | 46 kB |
URL: cdn.nest.rip/avatars/80436425-804b-4a3a-8b6d-1c983a57571e.jpg
IP: 188.114.97.1:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x600, components 3
Hash: MD5 bc62455b6ecaad0ca9b9fea912824471 | SHA-1 eb2c3043aa2900ce4ad193fbbd4d233ae8a52178 | SHA-256 471c182ba6f8e88814fdd1e834ac91f28c0e1be88e63626efeae8f594ee48f9a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/80436425-804b-4a3a-8b6d-1c983a57571e.jpg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/jpeg
content-length: 45922
content-disposition: filename="channels4_profile.jpg"
content-security-policy: block-all-mixed-content
etag: "bc62455b6ecaad0ca9b9fea912824471"
last-modified: Sun, 19 Feb 2023 08:51:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B8711C9169F27A
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 78549dd3-bf2b-4839-8dca-a67cade7ec21
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2Feho4DF35K7KgyFHVstQn1HjeLN6%2B3rMzB7P2XEWyyQxAaC1ksiMqQY6nlaRt6dFZ4rQu0FH2JIL0AEr7CxQQ75aQjvYCeFC879BgMY1pvww251yXdzagxLPU12L70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205323a6856c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/0681018c-3ea9-4fe8-a163-708e917c6ede.gif | 188.114.97.1 | | 2.1 MB |
URL: cdn.nest.rip/avatars/0681018c-3ea9-4fe8-a163-708e917c6ede.gif
IP: 188.114.97.1:0
File type: GIF image data, version 89a, 184 x 184
Size: 2.1 MB (2093847 bytes)
Hash: MD5 0921b2c8a86c25dfef33c1ce4937e99d | SHA-1 e081bb44f8c79e9b5ae44d1be71aae559d7fcf88 | SHA-256 37877ebf8aa0f72193c0efc2c0940da7ffe6cf0956716dbc414d95791c6e10ed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/0681018c-3ea9-4fe8-a163-708e917c6ede.gif HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/gif
content-length: 2093847
content-disposition: filename="e081bb44f8c79e9b5ae44d1be71aae559d7fcf88.gif"
content-security-policy: block-all-mixed-content
etag: "0921b2c8a86c25dfef33c1ce4937e99d"
last-modified: Wed, 24 May 2023 15:06:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B129C7BB962675
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: d1b2b3e7-0f72-48d6-9b4f-08158331e440
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U3%2B3DbI8PA9ShYHwrdo9uts0%2BotAi2p8d6Vhng%2BYsd6qIqfPgb8yNc6gL%2BCtk5XyJeTS9OkKiibmsUHyQ0TjRdqI2%2Bv5siDsOtbyaM7UBAZzX4lmJp%2BJgk9ASuhHZno%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205322a5e56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| nest.rip/_next/static/chunks/pages/_app-5b4adf06232fc9cd.js | 188.114.97.1 | | 481 kB |
URL: nest.rip/_next/static/chunks/pages/_app-5b4adf06232fc9cd.js
IP: 188.114.97.1:0
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 481 kB (480641 bytes)
Hash: MD5 7e44f89b3d52b5b794ea28b76e572f9c | SHA-1 3f6ebd3e6adac67ec51a788ae9c946d65903eb5a | SHA-256 9e12f20071e30bea9a6d7faf35b2469773829ba6ff4459bdd8441bbec110473c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/pages/_app-5b4adf06232fc9cd.js HTTP/1.1
Host: nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/?ref=viewer
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:50 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
cf-polished: origSize=788750
etag: W/"c090e-18d74ee6c02"
last-modified: Sun, 04 Feb 2024 16:23:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27E4imY3hjlNUhIgkI2ShxlqkFuU9pVL2vAt%2F%2Fm6i%2Bs6U34J7Z0U2eQhg2iivQlk6Rub1L4LgjVPcIBO4GrWujyPnYDGv49hMpu5dxKy3nikQ5B7m38cTxRl6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87a2052e388456c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/65c2573c-3e1e-4d26-8042-28c3e4fef6e2.png | 188.114.97.1 | | 82 kB |
URL: cdn.nest.rip/avatars/65c2573c-3e1e-4d26-8042-28c3e4fef6e2.png
IP: 188.114.97.1:0
File type: PNG image data, 1280 x 853, 8-bit/color RGB, non-interlaced
Hash: MD5 63645eaadd518d376267f55c95a28928 | SHA-1 a83db9918c1273c98c4e9ad7c91f561e5416c705 | SHA-256 b9fd246a7346f33889c5ddacc77b5e28de9f65b7437ed081eeccad5cac3c9171
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/65c2573c-3e1e-4d26-8042-28c3e4fef6e2.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 81655
content-disposition: filename="NahSahh.png"
content-security-policy: block-all-mixed-content
etag: "63645eaadd518d376267f55c95a28928"
last-modified: Tue, 02 Aug 2022 10:30:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B86AA46707F32F
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 21e94d0b-1626-48aa-811a-b8bd1723c745
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODnc4dGMOP905vjIbt0dIZKZTSDAX6PCT8dJ65nDV8Y59DhaZ61r5W%2BPxr1ka9VM6mIds%2FIVn%2Fg%2FEoQm%2FLlaZFwVUMrXvMqkUjB5dOspKj8gyxqulCGsTK3PjNF65n4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205323a6b56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/88b96cca-1166-4246-9c00-52d15f901ac0.png | 188.114.97.1 | | 7.8 kB |
URL: cdn.nest.rip/avatars/88b96cca-1166-4246-9c00-52d15f901ac0.png
IP: 188.114.97.1:0
File type: PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Hash: MD5 24f4cab5f90cf48b774ccb24fb2d7beb | SHA-1 db6b7e20e8cb683a499988664885cdc116cde0ca | SHA-256 d9b1a50903eb49cce7b180f04069a04dc3b3617623f2a6df8c1fb4edb9b27753
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/88b96cca-1166-4246-9c00-52d15f901ac0.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 7833
content-disposition: filename="syz-icon1.png"
content-security-policy: block-all-mixed-content
etag: "24f4cab5f90cf48b774ccb24fb2d7beb"
last-modified: Sun, 10 Sep 2023 13:12:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B71230DBB289
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: d0c27910-b74c-4299-add4-48a6fe2f48d0
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0w23ssKUyhEK20L5AxFw95cgbYIumr263YaEyZt2dwfWto00AgKfZUIkMNS1cYrzf1ffJIa%2FjEf7FS0ZeCOIV4ZP5KDGMMrIwRdj1qqKKcUUWFf81XtXH46qyAhvdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205323a6e56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/11519c48-4a0e-468c-98e1-a0f84082b8fc.png | 188.114.97.1 | | 9.5 kB |
URL: cdn.nest.rip/avatars/11519c48-4a0e-468c-98e1-a0f84082b8fc.png
IP: 188.114.97.1:0
File type: PNG image data, 1920 x 1920, 1-bit colormap, non-interlaced
Hash: MD5 7ae62c8347823500ba39f6a25e287876 | SHA-1 e284cb763ef4fb6982ddf5a873c41761a3ae239a | SHA-256 1a7fcd93544f9111ecd6d47bf6e4dab19108e093c7d94a6e79e3ac0babe7c89f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/11519c48-4a0e-468c-98e1-a0f84082b8fc.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/png
content-length: 9454
content-disposition: filename="lol.png"
content-security-policy: block-all-mixed-content
etag: "7ae62c8347823500ba39f6a25e287876"
last-modified: Wed, 14 Feb 2024 11:24:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B3B6FCB4A291E4
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: c62b4ef1-22b4-4e5d-8aa3-40a4c78e020d
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAAIyVmxFUKcdOiTt8RBTJWQLsPlJpr3Wv3nAW5jPl0qmvK9aXzyxeGqg3ptY1uS7J1PTx8Dlp0N07XeF8O8JgZ7XIX4k%2Bfc%2Ft6ZqQLWQd88F0myNaUlhOhAqNpZ5FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205323a6f56c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/51b63ded-f8f2-4cdc-950b-a82ce01ae805.png | 188.114.97.1 | | 4.9 MB |
URL: cdn.nest.rip/avatars/51b63ded-f8f2-4cdc-950b-a82ce01ae805.png
IP: 188.114.97.1:0
File type: GIF image data, version 89a, 128 x 128 (detected from content; the URL extension and the content-disposition filename say .png, while the response content-type is image/gif)
Size: 4.9 MB (4931350 bytes)
Hash: MD5 fcd67fdb7cb70a721d109b307e2683bc | SHA-1 ca7f544960984fcc5f2576c7c94872025987fa2e | SHA-256 7e603cd07d09cbb4f692fd6e12bf9d883d7de8ed5de3389c7c845b1aaa74eb56
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/51b63ded-f8f2-4cdc-950b-a82ce01ae805.png HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/gif
content-length: 4931350
content-disposition: filename="avatar.png"
content-security-policy: block-all-mixed-content
etag: "fcd67fdb7cb70a721d109b307e2683bc"
last-modified: Thu, 22 Sep 2022 16:18:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B709A158730D
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: 1a174d76-f750-45cf-b903-7fb2cf7899e7
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4a%2BiJvNoNj3Ux1yTnFiCbLLEFfhI2cusu2mwL%2F2sJsTBICdqHq2ylPq7bVzcQDxyja%2F2qAm43KeeLPFC5ThM7lfLnZz6J4eaQlUW%2Ff3c0QjwoHtKNgSZQqoAecwrIpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205323a7256c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/eb46ea7d-8510-40ff-aab4-aa5a1200719b.jpeg | 188.114.97.1 | | 41 kB |
URL: cdn.nest.rip/avatars/eb46ea7d-8510-40ff-aab4-aa5a1200719b.jpeg
IP: 188.114.97.1:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 563x558, components 3
Hash: MD5 4336275a04c428b4b1703df9aaaac241 | SHA-1 4ef5049544e29aa86fe6ba971560f6648fa7fb1f | SHA-256 b6b466ea4cb761438da65249faa1b1afa750c90f86eef4dce915b6a2f3ca1718
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/eb46ea7d-8510-40ff-aab4-aa5a1200719b.jpeg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/jpeg
content-length: 40630
content-disposition: filename="deeznutshaha.jpeg"
content-security-policy: block-all-mixed-content
etag: "4336275a04c428b4b1703df9aaaac241"
last-modified: Sat, 19 Aug 2023 18:38:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B0B7122782DF86
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: d9d9beed-b8e5-4425-bb55-28fab0093860
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sX5tzQGaWtHhvXUnYgzBQ3e3g3kBWcgdIJxXddpWmH3RUUeUacLQLrEBaNfgfzrfXKjJltYfaX%2FF8mJwQrQN2tGa7OmMLw0mtRN3x4Mg1p1UM6cGNNx7AW7JYKRpoWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205324a7456c3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.nest.rip/avatars/4a8cad77-cd2d-4094-bcdb-a0c4a828f73b.jpg | 188.114.97.1 | | 54 kB |
URL: cdn.nest.rip/avatars/4a8cad77-cd2d-4094-bcdb-a0c4a828f73b.jpg
IP: 188.114.97.1:0
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 563x555, components 3
Hash: MD5 ed8eacb2771c39f81645e1ca53d5c16f | SHA-1 8c2bc37c076bda8353ed3f086a1b90fc5ac17c56 | SHA-256 f1f32c86c36ff90ae23f76c9d5c00b04a58a827d854306360bf8ac2ac8d56e6f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /avatars/4a8cad77-cd2d-4094-bcdb-a0c4a828f73b.jpg HTTP/1.1
Host: cdn.nest.rip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nest.rip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 23:12:51 GMT
content-type: image/jpeg
content-length: 54110
content-disposition: filename="raccoon.jpg"
content-security-policy: block-all-mixed-content
etag: "ed8eacb2771c39f81645e1ca53d5c16f"
last-modified: Thu, 15 Feb 2024 07:00:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Origin, Accept-Encoding
x-amz-request-id: 17B3F724A5796EC3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-meta-originaluploader: fc286833-5d4a-4953-b1fe-526cadb2e8f5
drive: SSD
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlmQDo6d0gl0bncuAxTTteAXSbwVXK9zJ2WY1%2BcLWNe%2Br6NByp1duoAxYhcO4tI7YqRny6cBVd%2FnX4bJn4gNVBbKEaoGFlIKdJM3NiaH0GoB8RGLG7%2FfOGAneeQEW2A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a205324a7956c3-OSL
alt-svc: h3=":443"; ma=86400
|
|