Report - nahamcon2025asdasd.pages.dev/robots.txt

Report Overview

Visited public
2025-05-04 09:57:05
Tags
malicious
URL
nahamcon2025asdasd.pages.dev/robots.txt
Finishing URL
nahamcon2025asdasd.pages.dev/robots.txt
IP / ASN
172.66.47.160
#13335 CLOUDFLARENET
Title
reCAPTCHA Verification
Malicious - Copy/Paste Social Engineering

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nahamcon2025asdasd.pages.dev	unknown	2020-09-02	2025-05-04	2025-05-04	980 B	29 kB	172.66.47.160
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2025-05-01	483 B	8.3 kB	185.15.59.240
use.fontawesome.com	942	2012-10-18	2017-01-30	2025-04-30	1.0 kB	88 kB	104.21.27.152

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-04 09:56:44	low	Client IP	172.66.47.160	ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	nahamcon2025asdasd.pages.dev/robots.txt	ScriptElement	5.2 kB	2025-02-23	2025-05-04
Pretty URL nahamcon2025asdasd.pages.dev/robots.txt IP 172.66.47.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-23 07:01 Last Seen2025-05-04 09:57 Times Seen2 Hash 559b29d449aa9f836856e947f98ad394 6b101c5afcb5c1dec164b6e443cde4b72521e9b8 fb334cfefd44434524dab6ffdb8e6b270a17a270cd0079d4816865eb690bad1b Loading...

HTTP Transactions (5)

URL IP Response Size

nahamcon2025asdasd.pages.dev/robots.txt

172.66.47.160

200 OK

14 kB

URL User Request GET
nahamcon2025asdasd.pages.dev/robots.txt
IP
172.66.47.160:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnahamcon2025asdasd.pages.dev
FingerprintA4:89:7C:23:DC:DA:0C:98:19:5B:9D:8D:F0:77:0B:B2:6A:A9:50:4F
ValiditySat, 03 May 2025 16:24:08 GMT - Fri, 01 Aug 2025 17:17:14 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
14 kB (13484 bytes)
Hash
38202ea5849043e806daa5f394013808
7ea60001c0e7e4d774541a7bdf90482b63e4ecc6
e0103f59e351c9246293167fa16a21d2036f74e1a72e3bc455026d2acbf65119

Detections

Analyzer	Verdict	Alert
urlquery	malicious	Malicious - Copy/Paste Social Engineering

HTTP Headers

GET /robots.txt HTTP/1.1
Host: nahamcon2025asdasd.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 May 2025 09:56:44 GMT
content-type: text/html; charset=utf-8
cf-ray: 93a72141a85cb50b-OSL
server: cloudflare
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98jz9%2BIW674qDby1hk2LPx0tIfapg7PZsnmkvfcb9GVDxQKGaGYIJ5uvtluYVyY%2BX3yQ%2FZj7HOk9YnoqXKZcQft5VsyqX7DphbvlslL6mdr9v8zgahKJDwp7KCymaXFKCjAnBVYvFIRAx9uhBfdj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=473&min_rtt=450&rtt_var=108&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3302&recv_bytes=1282&delivery_rate=7956043&cwnd=253&unsent_bytes=0&cid=f5ee4c0960e6791f&ts=201&x=0"
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/a/ad/RecaptchaLogo.svg

185.15.59.240

200 OK

7.3 kB

URL GET
upload.wikimedia.org/wikipedia/commons/a/ad/RecaptchaLogo.svg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://nahamcon2025asdasd.pages.dev/robots.txt
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint0B:3A:AB:D4:5E:55:A4:08:2B:F7:C1:DA:63:37:75:F1:EB:04:6E:A5
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
7.3 kB (7274 bytes)
Hash
32b3b6dbf7ad151e3b75823cadcdd417
a1025e15088c3350fd9aa97b9f6821161ec72a91
6ccbf564a3277563df485472619415de0093125c98385790da07409db3446205

HTTP Headers

GET /wikipedia/commons/a/ad/RecaptchaLogo.svg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nahamcon2025asdasd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
x-object-meta-sha1base36: it2qxwo78v39sqvbu0iq4nywcsz226p
last-modified: Thu, 06 Feb 2020 16:07:33 GMT
date: Sun, 04 May 2025 09:56:44 GMT
server: envoy
etag: W/32b3b6dbf7ad151e3b75823cadcdd417
content-encoding: gzip
vary: Accept-Encoding
age: 2
accept-ranges: bytes
x-cache: cp3078 hit, cp3078 miss
x-cache-status: hit-local
server-timing: cache;desc="hit-local", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.0.0/css/all.css

104.21.27.152

200 OK

33 kB

URL GET
use.fontawesome.com/releases/v5.0.0/css/all.css
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nahamcon2025asdasd.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
ASCII text, with very long lines (33229)
Size
33 kB (33407 bytes)
Hash
e35d9c4ebaea0573df8e4a9505b72eea
5fbb384cd8cd7a64483e6487d8d8179a633f9954
9f29f2bbb25602f4bdbd3122c317244f8fd9741106ffd5a412574b02ee794993

HTTP Headers

GET /releases/v5.0.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nahamcon2025asdasd.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 May 2025 09:56:44 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"e35d9c4ebaea0573df8e4a9505b72eea"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
age: 999889
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbvlOewmSNghTJwoedsB8GjVTTq%2F%2FSqDxRd4H%2FV3tjLdrvdiPYDccunu4%2FgCi4oNSNhcV6I2sGRj2Zon0jaTsbX5x8EfjgKLcP%2F7bAFnvFJlpz1KL30WiFO4eiKkLPxI6QEfGJbW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93a721444e5b569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=490&min_rtt=438&rtt_var=153&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3274&recv_bytes=1231&delivery_rate=7956043&cwnd=253&unsent_bytes=0&cid=422a763392bf010c&ts=27&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.0.0/webfonts/fa-brands-400.woff2

104.21.27.152

200 OK

53 kB

URL GET
use.fontawesome.com/releases/v5.0.0/webfonts/fa-brands-400.woff2
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nahamcon2025asdasd.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint2F:A0:71:2B:C1:50:E8:B9:6E:F6:46:C3:85:EA:4E:30:ED:94:CB:C6
ValiditySun, 04 May 2025 00:52:35 GMT - Sat, 02 Aug 2025 01:52:29 GMT

File type
Web Open Font Format (Version 2), TrueType, length 52648, version 1.0
Size
53 kB (52648 bytes)
Hash
657e828fb3a5963706e24cbf9d711bb8
84c08557d977e0a46ec8941b2d84235069dab229
45e39853c41558c4922ff1b0895547a99e378f136ec3d9d2f4df15cc269485fa

HTTP Headers

GET /releases/v5.0.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nahamcon2025asdasd.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 04 May 2025 09:56:45 GMT
content-type: font/woff2
content-length: 52648
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "657e828fb3a5963706e24cbf9d711bb8"
last-modified: Fri, 22 Sep 2023 01:44:04 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHCYm9XTvdxknS2%2BOc97JAVBVrjdbfTkTxtpCHw8rMZpRGQq4XDE9h18dw5JybeO9BBzvV66jmndLBzkXpCj2VAOUZjNhqTYCX1pv6O4mlr%2Bp9%2BYnb9k2vC28m5BKncktwNk1ao%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93a72144fb490b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6432&min_rtt=490&rtt_var=11907&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1295&delivery_rate=7784946&cwnd=254&unsent_bytes=0&cid=b6bb8dd556c8df4d&ts=163&x=0"
X-Firefox-Spdy: h2

nahamcon2025asdasd.pages.dev/favicon.ico

172.66.47.160

200 OK

14 kB

URL GET
nahamcon2025asdasd.pages.dev/favicon.ico
IP
172.66.47.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nahamcon2025asdasd.pages.dev/robots.txt
Certificate
IssuerGoogle Trust Services
Subjectnahamcon2025asdasd.pages.dev
FingerprintA4:89:7C:23:DC:DA:0C:98:19:5B:9D:8D:F0:77:0B:B2:6A:A9:50:4F
ValiditySat, 03 May 2025 16:24:08 GMT - Fri, 01 Aug 2025 17:17:14 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
14 kB (13484 bytes)
Hash
38202ea5849043e806daa5f394013808
7ea60001c0e7e4d774541a7bdf90482b63e4ecc6
e0103f59e351c9246293167fa16a21d2036f74e1a72e3bc455026d2acbf65119

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: nahamcon2025asdasd.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nahamcon2025asdasd.pages.dev/robots.txt
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 04 May 2025 09:56:45 GMT
content-type: text/html; charset=utf-8
cf-ray: 93a72145fefcb505-OSL
server: cloudflare
content-encoding: br
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxdhK661PfKlOCJDBqUIKYi8XC0A1eReH3YV15wx431GU2ebvkwIA77CFAcrTKHCeT%2FSepaPV8yRyPDI2zJjN%2FvBQGWbpvyNq%2BmqezzDNSlwXkvG86fzRLhfESV5sXO%2Frmei99FCkbxrlnMlXRAD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2445&min_rtt=1135&rtt_var=1361&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4145&recv_bytes=1229&delivery_rate=523086&cwnd=12000&unsent_bytes=0&cid=748e6772ac8879f6&ts=595&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers