GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/js/script.js
104.21.16.1 200 OK 14 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/js/script.js
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type Unicode text, UTF-8 text
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 425
Size 14 kB (14108 bytes)
MD5 9ab6f30bb69bd5ed2b95ec080d6df17d
SHA1 14f144dc6c53d712be564b1eef94f53c0a6dc7fa
SHA256 81d9c53b2dbbf34093776268451edaf2081a00fe9ad13002cc2bbf687149a836
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/js/script.js HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:56 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:08 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5cN4OJTTlMTvodLavP3m1dRWg9llp%2FpZ5zxmJV04niVBNONCCEiJSW442fPRbLla0Q2mLlR%2Bar%2BkqITcl6DaVjggS22zgwwA7x16pMngqiFNWw%3D%3D"}]}
cf-cache-status: MISS
etag: W/"686271bc-371c"
content-encoding: br
cf-ray: 961900ac1b040b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fcss%2Fstyle.css&l=7008&fd=513
172.240.127.234 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fcss%2Fstyle.css&l=7008&fd=513
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fcss%2Fstyle.css&l=7008&fd=513 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:55 GMT
Content-Length: 0
Connection: keep-alive
x-envoy-upstream-service-time: 1
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.178.99 200 OK 40 kB URL GET HTTPS
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-05
Times Seen 99837
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Jul 2025 08:13:08 GMT
expires: Sat, 18 Jul 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 88968
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET flushpersist.com/pxf.gif?uuid=18357b05-cf8c-4067-bc64-b138a63bb607&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=9a6288a8e154f7f2e1b335af4d7df9c0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
192.243.59.12 200 OK 0 B URL GET HTTPS
flushpersist.com/pxf.gif?uuid=18357b05-cf8c-4067-bc64-b138a63bb607&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=9a6288a8e154f7f2e1b335af4d7df9c0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject flushpersist.com
Fingerprint 9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A
Validity Tue, 01 Jul 2025 15:12:33 GMT - Mon, 29 Sep 2025 15:12:32 GMT
GET /pxf.gif?uuid=18357b05-cf8c-4067-bc64-b138a63bb607&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=9a6288a8e154f7f2e1b335af4d7df9c0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: flushpersist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Jul 2025 08:55:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: flushpersist.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 33160c684131e8f172d28ad994a014ca
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/css/style.css
104.21.16.1 200 OK 7.0 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/css/style.css
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 426
Size 7.0 kB (7008 bytes)
MD5 fb36710663e1b1cea266cd22469df0a5
SHA1 c26947d20f845e479a729880b019b94387a7572c
SHA256 489b7a8da57bff7e1700ef24006bbb60451f933c6c12b4808b251db88355fdf2
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/css/style.css HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:33:47 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6862761b-1b60"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4WZaVtSpGx4mTpVnkGAcRE7wHB0%2FjYJtVV%2Brpa%2BT5bFfk0o%2FM0DwIF6sYQ3zmZ2mQ7nXtIP4%2FbifxEUsZAtqmCods45akIvZUWJjazlz48xkeg%3D%3D"}]}
cf-ray: 961900aa997c0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.178.74 200 OK 17 kB URL GET HTTPS
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP / ASN
142.250.178.74
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-06-02
Last Seen 2025-08-05
Times Seen 2480
Size 17 kB (16755 bytes)
MD5 e9d2e14beb088f37fae98294940a9dcd
SHA1 1dafc3c55550249c8c2d782d5616c7b445c8e005
SHA256 f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint DC:40:BF:B1:59:C9:CC:B5:4A:38:2D:D0:16:8D:06:A5:1D:B4:08:8B
Validity Mon, 23 Jun 2025 08:41:28 GMT - Mon, 15 Sep 2025 08:41:27 GMT
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Jul 2025 08:55:55 GMT
date: Sat, 19 Jul 2025 08:55:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/moto.jpg
104.21.16.1 200 OK 67 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/moto.jpg
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 979x977, components 3
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 426
Size 67 kB (67346 bytes)
MD5 9332b3326cc361a4a12bedd347c0627b
SHA1 a664493b30154627e0111431603effa83ea3501d
SHA256 3a3e2f3cbb2612be427015f9d7890a061fd43d926f3e2c5520329cd9a98caecb
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/img/moto.jpg HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: image/jpeg
content-length: 67346
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:07 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "686271bb-10712"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 28108
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FcuWRe7COB%2FXlp2BUDUn4slX1KkQQrwkoNr1mzthiwDcBELk462AGQDh2ynMHxEr1xHf1PW2Y8tkZODrC6tJunCY7vN8ebCu0GjkeXKqkOIRIQ%3D%3D"}]}
cf-ray: 961900ab29e50b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET professionaltrafficmonitor.com/stats
35.157.202.115 200 OK 40 B URL GET HTTPS
professionaltrafficmonitor.com/stats
IP / ASN
35.157.202.115
#16509 AMAZON-02
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 40 B (40 bytes)
MD5 f95904bba160540256faf1c2e53f9822
SHA1 bb122dd9d55c63c8afee0dda184536f7052700db
SHA256 cabb522375a3c3d114964c8caf25d3b541782571c9eb813879eadbc1fb5a2eb0
Certificate Info
Issuer Amazon
Subject protrafficinspector.com
Fingerprint 5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6
Validity Tue, 01 Jul 2025 00:00:00 GMT - Thu, 30 Jul 2026 23:59:59 GMT
GET /stats HTTP/1.1
Host: professionaltrafficmonitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://neoxsoftworks.eu
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; expires=Tue, 17 Jul 2035 08:55:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
142.250.178.99 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-05
Times Seen 9337
Size 48 kB (48532 bytes)
MD5 225835e6e0496c54dc2aca9f3d533892
SHA1 942ef5298bbe74bfe44e445def5f2bfc94027fa8
SHA256 acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Jul 2025 17:15:50 GMT
expires: Fri, 17 Jul 2026 17:15:50 GMT
cache-control: public, max-age=31536000
age: 142803
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2
104.17.25.14 200 OK 156 kB URL GET HTTPS
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2
IP / ASN
104.17.25.14
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 156532, version 773.256
First Seen 2024-01-04
Last Seen 2025-08-04
Times Seen 1714
Size 156 kB (156532 bytes)
MD5 d465bccb9edf0873f021f66d4b09d89c
SHA1 214f3c71de28c682602aecd39e9ad2bba15f1b0c
SHA256 f4c5a5b297e623bc159679563a4d1eb16e409ca3b57698fbc00fd2c907dadae0
Certificate Info
Issuer Google Trust Services
Subject cdnjs.cloudflare.com
Fingerprint 4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
Validity Thu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
GET /ajax/libs/font-awesome/6.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Jul 2025 08:55:53 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 156532
cf-ray: 961900a03d41b4fa-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "656632a7-26374"
last-modified: Tue, 28 Nov 2023 18:34:15 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 21189
expires: Thu, 09 Jul 2026 08:55:53 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QlJldAbTzUmZfmronv1mNqeujS3MV%2Bh2wZKZ34Ka%2BpLbTM9ueyBeIA4XIxpm6Kqln9ceKvTBuQ8VdYxyXwbom0I7Xc5H25qAbvTkILe7dPbdlDnCXBX5Xe8ThUejY%2BehkZwzGAv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET preferencenail.com/sfp.js
185.196.197.72 200 OK 85 kB URL GET HTTPS
preferencenail.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-07-08
Last Seen 2025-08-05
Times Seen 2299
Size 85 kB (85386 bytes)
MD5 46a6fef91632b94d14252fe324c1585f
SHA1 387cebbd261b8fe947fe9805875300f2ceeb5cfd
SHA256 36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5
Certificate Info
Issuer Let's Encrypt
Subject preferencenail.com
Fingerprint F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3
Validity Tue, 01 Jul 2025 15:11:38 GMT - Mon, 29 Sep 2025 15:11:37 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: preferencenail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28254
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: preferencenail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9b33897805d70a28d82812ad42bbf6eb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET wearychallengeraise.com/pixel/sbs?c=1
172.240.127.234 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/pixel/sbs?c=1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:56 GMT
Content-Length: 0
Connection: keep-alive
x-envoy-upstream-service-time: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fcss%2Fmagic.css&l=45054&fd=530
172.240.127.234 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fcss%2Fmagic.css&l=45054&fd=530
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fcss%2Fmagic.css&l=45054&fd=530 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:55 GMT
Content-Length: 0
Connection: keep-alive
x-envoy-upstream-service-time: 1
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.178.99 200 OK 40 kB URL GET HTTPS
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-05
Times Seen 99837
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Jul 2025 08:13:08 GMT
expires: Sat, 18 Jul 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 88968
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
142.250.178.99 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-05
Times Seen 9337
Size 48 kB (48532 bytes)
MD5 225835e6e0496c54dc2aca9f3d533892
SHA1 942ef5298bbe74bfe44e445def5f2bfc94027fa8
SHA256 acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Jul 2025 17:15:50 GMT
expires: Fri, 17 Jul 2026 17:15:50 GMT
cache-control: public, max-age=31536000
age: 142803
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET weirdopt.com/ad/advertisers.js
185.196.197.72 200 OK 0 B URL GET HTTPS
weirdopt.com/ad/advertisers.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject weirdopt.com
Fingerprint 1A:27:71:C0:8E:44:D4:6B:F5:AA:49:F0:F1:AF:E5:5F:30:23:A4:D4
Validity Tue, 01 Jul 2025 15:18:37 GMT - Mon, 29 Sep 2025 15:18:36 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ad/advertisers.js HTTP/1.1
Host: weirdopt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:54 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b04c56fe512d1366b4e4bb80e49c6acc
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET flushpersist.com/pxf.gif?uuid=18357b05-cf8c-4067-bc64-b138a63bb607&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=84c7b9efb5fd008b61907101ad9fbeac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
192.243.59.12 200 OK 0 B URL GET HTTPS
flushpersist.com/pxf.gif?uuid=18357b05-cf8c-4067-bc64-b138a63bb607&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=84c7b9efb5fd008b61907101ad9fbeac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject flushpersist.com
Fingerprint 9E:08:20:A0:75:ED:21:51:E0:3D:DE:29:CD:B0:11:01:4D:04:77:0A
Validity Tue, 01 Jul 2025 15:12:33 GMT - Mon, 29 Sep 2025 15:12:32 GMT
GET /pxf.gif?uuid=18357b05-cf8c-4067-bc64-b138a63bb607&eb=56a3745424804a23b12899170f9076de&te=9c9b2bc1fcb866fe34b4078d4dc2b749&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0&dev=e&res=14.3095&b_frame=0&pk=84c7b9efb5fd008b61907101ad9fbeac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=8 HTTP/1.1
Host: flushpersist.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Jul 2025 08:55:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: flushpersist.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 6a8b9f5656e2b4350aa6f409c8944090
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/close.png
104.21.16.1 200 OK 7.0 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/close.png
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 484
Size 7.0 kB (7005 bytes)
MD5 5127599f81c439cb0cf21166da26e991
SHA1 a750620e45c25855fb32ede5f1adb69ad28c1eeb
SHA256 9402058e0a31e79cd70001ebb397de51144d6e638a482f33bcee9a94dc20a6ff
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/img/close.png HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: image/png
content-length: 7005
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:07 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "686271bb-1b5d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 940880
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=0pQzMy5RHHDcdGJiKOzZP22elUjWJU27e41ZdjzyXhPeSDy9viHMJ2e3XE3yiU1NnKdTWOMvxl3uMtUx18ed%2BBFTO1izntEiE0mRgliw8ZNGgA%3D%3D"}]}
cf-ray: 961900ab29db0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET wearychallengeraise.com/impr.gif?sid=H4sIAAAAAAAC_1SSzYscVRfGb01m9y7CGz8WgliiCwWn51ZX9ZdZJMYkGpxMQhLNQl3cr5q5TnXd8t6qrs64CY5IEAKtCIog1Dw9yRgNEjfuRO1x5Yhgi4tBM5v8A2Iga-mZhsGzOOfc-ztcznnOfX-92CUhCrZz_qxZ1UnC5hs16j9zWafSlM5fvOQHtEaP-pd12oyO-v2Js73ngzCq0Wf9l5RYMfN1GlAa0MA_ra2KTX9-j0JntztBrUNrUb0WNCL07X_PrvDgmAfZ2yVHoOX48L34dWgxQtq9c1K5ldxkz53qFgnLjUVPbr6arqSmTNE9SGPrIU43p9UwbkzIpzMw6eZ0ApjexmQCcD0mM4_eBU83p22C927sd8oTqBRc_g9lbwSVjKDZCMKsQcvfCCAkFs8h7d5cNLZkV_Ypm9AxmX1wH7ock9m7DyPtfn0i0X3_okmKXJvUoR9X0P0R9NIIWbGFfHUGutyCyN-Flr-S-QcLSLsb51xioOXO00E7bLQ4bcyJuC3mItpszXHRjOZ4ELZZM-S8SVt7Eul4BOZmUDgPhfZQxB6KzENX7vgRbUciYGEz7kjRohGLIqk47bTrlLKOaKEQk94HyLMBRDKAsFeR2atY0QPY4ge45QpOenA5QU9WKBVB6QhKRlBqgjInKHvVDZm4uqtuysQVPJjG-jSG1dDkS-vshsmXVErA7ABWVhs6e9utQeSHhquxk0MzcYzn1ZBxWa1nu-T_E1m9zz_6Aytqx29HosU7KuaNWFLa5s2gQ1sBDZjsxFwxAacraDcD5jys6jFZ9C8i02Py1HsDcLYFl2xB6EfAisfBygpsucJqeidVpu9MnJfGrriaKiBNhSyfRX7FW092yWN7y33j5b-gxPbxJ4-vHUk_uQ5hK2S2wlv6J4Kl5NrwginJxgVTOvLNuSzXXb3KJou_mLNczX75irpSGivPnHSDWy-ICZikty8ply-wVOp0yZGvTmgplT1trFDkuzPusuLnC7d8orBpkS2cf_H0mW5mlXPapCMwPSZk908IPSYPLfyz96mjxmvQdgRbVOgW22RqENlVuGz7-BP3vz21_vOPcIbAJgecZx7KohraOj-4TPSYnP34CyRq-xg-uP7LvVuHwXgFpw5E4Gr7-7_364eWTV5gulp317BkPbB8DWm3Qs9W6CUVWDKAKw4N88xuH_s93DPwxBvyxHobPLHJh_syO73jx6GqC0rbrWYQtmMVhJEUcaMddWST0TBUyN14-Z03P_s3AAD___fTUri2BAAA
172.240.253.132 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/impr.gif?sid=H4sIAAAAAAAC_1SSzYscVRfGb01m9y7CGz8WgliiCwWn51ZX9ZdZJMYkGpxMQhLNQl3cr5q5TnXd8t6qrs64CY5IEAKtCIog1Dw9yRgNEjfuRO1x5Yhgi4tBM5v8A2Iga-mZhsGzOOfc-ztcznnOfX-92CUhCrZz_qxZ1UnC5hs16j9zWafSlM5fvOQHtEaP-pd12oyO-v2Js73ngzCq0Wf9l5RYMfN1GlAa0MA_ra2KTX9-j0JntztBrUNrUb0WNCL07X_PrvDgmAfZ2yVHoOX48L34dWgxQtq9c1K5ldxkz53qFgnLjUVPbr6arqSmTNE9SGPrIU43p9UwbkzIpzMw6eZ0ApjexmQCcD0mM4_eBU83p22C927sd8oTqBRc_g9lbwSVjKDZCMKsQcvfCCAkFs8h7d5cNLZkV_Ypm9AxmX1wH7ock9m7DyPtfn0i0X3_okmKXJvUoR9X0P0R9NIIWbGFfHUGutyCyN-Flr-S-QcLSLsb51xioOXO00E7bLQ4bcyJuC3mItpszXHRjOZ4ELZZM-S8SVt7Eul4BOZmUDgPhfZQxB6KzENX7vgRbUciYGEz7kjRohGLIqk47bTrlLKOaKEQk94HyLMBRDKAsFeR2atY0QPY4ge45QpOenA5QU9WKBVB6QhKRlBqgjInKHvVDZm4uqtuysQVPJjG-jSG1dDkS-vshsmXVErA7ABWVhs6e9utQeSHhquxk0MzcYzn1ZBxWa1nu-T_E1m9zz_6Aytqx29HosU7KuaNWFLa5s2gQ1sBDZjsxFwxAacraDcD5jys6jFZ9C8i02Py1HsDcLYFl2xB6EfAisfBygpsucJqeidVpu9MnJfGrriaKiBNhSyfRX7FW092yWN7y33j5b-gxPbxJ4-vHUk_uQ5hK2S2wlv6J4Kl5NrwginJxgVTOvLNuSzXXb3KJou_mLNczX75irpSGivPnHSDWy-ICZikty8ply-wVOp0yZGvTmgplT1trFDkuzPusuLnC7d8orBpkS2cf_H0mW5mlXPapCMwPSZk908IPSYPLfyz96mjxmvQdgRbVOgW22RqENlVuGz7-BP3vz21_vOPcIbAJgecZx7KohraOj-4TPSYnP34CyRq-xg-uP7LvVuHwXgFpw5E4Gr7-7_364eWTV5gulp317BkPbB8DWm3Qs9W6CUVWDKAKw4N88xuH_s93DPwxBvyxHobPLHJh_syO73jx6GqC0rbrWYQtmMVhJEUcaMddWST0TBUyN14-Z03P_s3AAD___fTUri2BAAA
IP / ASN
172.240.253.132
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC_1SSzYscVRfGb01m9y7CGz8WgliiCwWn51ZX9ZdZJMYkGpxMQhLNQl3cr5q5TnXd8t6qrs64CY5IEAKtCIog1Dw9yRgNEjfuRO1x5Yhgi4tBM5v8A2Iga-mZhsGzOOfc-ztcznnOfX-92CUhCrZz_qxZ1UnC5hs16j9zWafSlM5fvOQHtEaP-pd12oyO-v2Js73ngzCq0Wf9l5RYMfN1GlAa0MA_ra2KTX9-j0JntztBrUNrUb0WNCL07X_PrvDgmAfZ2yVHoOX48L34dWgxQtq9c1K5ldxkz53qFgnLjUVPbr6arqSmTNE9SGPrIU43p9UwbkzIpzMw6eZ0ApjexmQCcD0mM4_eBU83p22C927sd8oTqBRc_g9lbwSVjKDZCMKsQcvfCCAkFs8h7d5cNLZkV_Ypm9AxmX1wH7ock9m7DyPtfn0i0X3_okmKXJvUoR9X0P0R9NIIWbGFfHUGutyCyN-Flr-S-QcLSLsb51xioOXO00E7bLQ4bcyJuC3mItpszXHRjOZ4ELZZM-S8SVt7Eul4BOZmUDgPhfZQxB6KzENX7vgRbUciYGEz7kjRohGLIqk47bTrlLKOaKEQk94HyLMBRDKAsFeR2atY0QPY4ge45QpOenA5QU9WKBVB6QhKRlBqgjInKHvVDZm4uqtuysQVPJjG-jSG1dDkS-vshsmXVErA7ABWVhs6e9utQeSHhquxk0MzcYzn1ZBxWa1nu-T_E1m9zz_6Aytqx29HosU7KuaNWFLa5s2gQ1sBDZjsxFwxAacraDcD5jys6jFZ9C8i02Py1HsDcLYFl2xB6EfAisfBygpsucJqeidVpu9MnJfGrriaKiBNhSyfRX7FW092yWN7y33j5b-gxPbxJ4-vHUk_uQ5hK2S2wlv6J4Kl5NrwginJxgVTOvLNuSzXXb3KJou_mLNczX75irpSGivPnHSDWy-ICZikty8ply-wVOp0yZGvTmgplT1trFDkuzPusuLnC7d8orBpkS2cf_H0mW5mlXPapCMwPSZk908IPSYPLfyz96mjxmvQdgRbVOgW22RqENlVuGz7-BP3vz21_vOPcIbAJgecZx7KohraOj-4TPSYnP34CyRq-xg-uP7LvVuHwXgFpw5E4Gr7-7_364eWTV5gulp317BkPbB8DWm3Qs9W6CUVWDKAKw4N88xuH_s93DPwxBvyxHobPLHJh_syO73jx6GqC0rbrWYQtmMVhJEUcaMddWST0TBUyN14-Z03P_s3AAD___fTUri2BAAA HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
access-control-allow-origin: *
vary: Origin
access-control-allow-credentials: true
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
set-cookie: iprc_l+aac849ce68e2fecb18ca3dd044bafc4e=6047964; expires=Sun, 20 Jul 2025 08:55:56 GMT; path=/; secure; SameSite=None
iprc_l:6047964=1; expires=Sun, 20 Jul 2025 08:55:56 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 2
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 761f176fd174bc4cee53a5b02bb566f2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/webfonts/fa-brands-400.woff2
104.17.25.14 200 OK 117 kB URL GET HTTPS
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/webfonts/fa-brands-400.woff2
IP / ASN
104.17.25.14
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 116672, version 773.256
First Seen 2024-01-04
Last Seen 2025-08-04
Times Seen 197
Size 117 kB (116672 bytes)
MD5 0474ccd4d3ec29857f1e7f8b9c56df8b
SHA1 3e8f0f46b2949dcc309f65fff1372b9a05e8f480
SHA256 b66b3da5ff7b2db79b6cb5a22c3e762e2bf16958a11987e69eeb1980bbbcdfb0
Certificate Info
Issuer Google Trust Services
Subject cdnjs.cloudflare.com
Fingerprint 4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
Validity Thu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
GET /ajax/libs/font-awesome/6.5.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Jul 2025 08:55:53 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 116672
cf-ray: 961900a03d45b4fa-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "656632a7-1c7c0"
last-modified: Tue, 28 Nov 2023 18:34:15 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10474
expires: Thu, 09 Jul 2026 08:55:53 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4GS%2FQfz7onQHVi1OxCRUBsbMMgctHzU1xK91qpj2LbS2NRV1Xdxken%2FGoD4BGzOHi9JDrSVhC7G5ut%2BVGFi%2BYJaVG6hnKb3o3RXnztRM3VK1iYXnp%2FZ%2FOTAYzGyC2vjB0dJlmnR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET neoxsoftworks.eu/apple-touch-icon.png
147.93.84.91 200 OK 4.1 kB URL GET HTTPS
neoxsoftworks.eu/apple-touch-icon.png
IP / ASN
147.93.84.91
#0
Requested by https://neoxsoftworks.eu/
Resource Info
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 4.1 kB (4102 bytes)
MD5 cbe94700e4e0f100b487616564119b06
SHA1 ef10fb59052dcbf3e01eb8cf89fba3c60c2adb7c
SHA256 728c2bfda30f751ed3dabeb5e758c7d2c0f41fdaa4f29b9fc0e52d8a92670e0c
Certificate Info
Issuer Let's Encrypt
Subject neoxsoftworks.eu
Fingerprint C0:4E:B8:E5:2B:33:98:0E:7B:91:CE:E6:1B:9C:9A:09:E1:71:93:BA
Validity Fri, 04 Jul 2025 09:48:06 GMT - Thu, 02 Oct 2025 09:48:05 GMT
GET /apple-touch-icon.png HTTP/1.1
Host: neoxsoftworks.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=18357b05-cf8c-4067-bc64-b138a63bb607%3A2%3A1; pp_main_9a6288a8e154f7f2e1b335af4d7df9c0=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.26.3 (Ubuntu)
Date: Sat, 19 Jul 2025 08:55:54 GMT
Content-Type: image/png
Content-Length: 4102
Last-Modified: Wed, 09 Jul 2025 00:15:08 GMT
Connection: keep-alive
ETag: "686db48c-1006"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Accept-Ranges: bytes
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/css/magic.css
104.21.16.1 200 OK 45 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/css/magic.css
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text
First Seen 2025-06-11
Last Seen 2025-08-01
Times Seen 633
Size 45 kB (45054 bytes)
MD5 bcd1967f8c2604f55f57197de0ae895e
SHA1 c31a10c3ecde74b50450a0a1ad21aa474ff05e7d
SHA256 787eac5d9417257a04de7b18ef21f5ec887de3aee642ceba9a7d56a8209eea2a
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/css/magic.css HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: text/css
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:09 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"686271bd-affe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QDDGaPSLNutGl3Ya6dppEF4sg3PoL8K6cg4hfFPLnQW3QWS%2FpihlF8FBMNZD01QEX%2FB0naM20LGxbPK9UibLMcxIy3Vgy8oVX97urLZMZDEtGw%3D%3D"}]}
cf-ray: 961900aa997a0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/banner.png
104.21.16.1 200 OK 32 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/banner.png
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 544
Size 32 kB (31747 bytes)
MD5 8b80e5aaebd2987d46dd0382da97fdc1
SHA1 bccdfd974f19600eac67f10c43a8d3cd92188aff
SHA256 41f23c36cc8dedef9d191f90f7f85c4aebba6012af7794fdfdf30331df5afe05
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/img/banner.png HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: image/png
content-length: 31747
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "686271ba-7c03"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 940880
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XUReXjeXF57wkAirfPLNN%2BAkmczYY8L4OyZV0T33wZeP90ffwXWeCo3ebZfwEn7YbGp4F0uoKN0fMeOtsRWznJD4BFuq9ghOrP4NFKT%2F86zqyg%3D%3D"}]}
cf-ray: 961900ab29e00b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css
104.17.25.14 200 OK 102 kB URL GET HTTPS
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.0/css/all.min.css
IP / ASN
104.17.25.14
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text, with very long lines (52276)
First Seen 2024-01-04
Last Seen 2025-08-04
Times Seen 1932
Size 102 kB (102526 bytes)
MD5 c43cd173eeeba2f72aa6b431d06b8c07
SHA1 427a692f7f39eabb3d5b8510aee2743025daf813
SHA256 c880eb3d25c765d399840aa204fec22b3230310991089f14781f09a35ed80b8a
Certificate Info
Issuer Google Trust Services
Subject cdnjs.cloudflare.com
Fingerprint 4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
Validity Thu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
GET /ajax/libs/font-awesome/6.5.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:53 GMT
content-type: text/css; charset=utf-8
content-length: 18859
cf-ray: 9619009c2ff256a4-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "656632a7-49ab"
last-modified: Tue, 28 Nov 2023 18:34:15 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 25491
expires: Thu, 09 Jul 2026 08:55:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUgDnAOnzd4l8TiH4bS%2BacO9%2F3tJ3P2JVdDMVathi6ncAr6zZu6En8FWqRP%2BDhunzwoAsB96hjw3H8BZPxBriTdivQz76KUhIY96qEeRmvqi4pFQXu0t1gf72LQXsJE4U6WZNDi2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
142.250.178.99 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-05
Times Seen 9337
Size 48 kB (48532 bytes)
MD5 225835e6e0496c54dc2aca9f3d533892
SHA1 942ef5298bbe74bfe44e445def5f2bfc94027fa8
SHA256 acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Jul 2025 17:15:50 GMT
expires: Fri, 17 Jul 2026 17:15:50 GMT
cache-control: public, max-age=31536000
age: 142803
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Findex.html&l=2218&fd=176
172.240.127.234 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Findex.html&l=2218&fd=176
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Findex.html&l=2218&fd=176 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:55 GMT
Content-Length: 0
Connection: keep-alive
x-envoy-upstream-service-time: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/js/jquery.min.js
104.21.16.1 200 OK 84 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/js/jquery.min.js
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-08-05
Times Seen 2485
Size 84 kB (84384 bytes)
MD5 6326c600df01e3bfb9b40e1aa08176f8
SHA1 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a
SHA256 df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/js/jquery.min.js HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: application/javascript
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:08 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=boC3BXnrbpuJmLxZvFdumGuHwRAKCNQLXtIxqtii4y4EVhic7GDMtbH5FiHZbS7PKovKz0eS9GzYsZKzeOsj%2F34YbqUgSTSp3mBteXHgWN0%2FPA%3D%3D"}]}
age: 940880
cf-cache-status: HIT
etag: W/"686271bc-149a0"
content-encoding: br
cf-ray: 961900ab29ec0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET worryinginadmissible.com/84/c7/b9/84c7b9efb5fd008b61907101ad9fbeac.js
192.243.59.12 200 OK 67 kB URL GET HTTPS
worryinginadmissible.com/84/c7/b9/84c7b9efb5fd008b61907101ad9fbeac.js
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 67 kB (66961 bytes)
MD5 441adf042e62ced886d60b7fb735bcb7
SHA1 97fc5f61bea1edcb77c6f0d85b1b0bda63e3541f
SHA256 551ebab4035f683a1b772adc7d363433ca88e12cf77eaae039d1cd25953d1cf4
Certificate Info
Issuer Let's Encrypt
Subject worryinginadmissible.com
Fingerprint 13:05:01:D7:E3:42:17:9E:8A:FE:6D:DE:9D:02:58:3B:B9:4F:CF:47
Validity Tue, 15 Jul 2025 09:52:12 GMT - Mon, 13 Oct 2025 09:52:11 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /84/c7/b9/84c7b9efb5fd008b61907101ad9fbeac.js HTTP/1.1
Host: worryinginadmissible.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Jul 2025 08:55:53 GMT
Content-Type: application/javascript
Content-Length: 23928
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: worryinginadmissible.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 224a3906ca1afa42e9b666b5f1d44ccd
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET professionaltrafficmonitor.com/stats
35.157.202.115 200 OK 40 B URL GET HTTPS
professionaltrafficmonitor.com/stats
IP / ASN
35.157.202.115
#16509 AMAZON-02
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text, with no line terminators
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 40 B (40 bytes)
MD5 f95904bba160540256faf1c2e53f9822
SHA1 bb122dd9d55c63c8afee0dda184536f7052700db
SHA256 cabb522375a3c3d114964c8caf25d3b541782571c9eb813879eadbc1fb5a2eb0
Certificate Info
Issuer Amazon
Subject protrafficinspector.com
Fingerprint 5D:D5:8D:EB:A4:50:13:0D:7C:33:71:82:B8:02:49:4F:D6:31:B6:E6
Validity Tue, 01 Jul 2025 00:00:00 GMT - Thu, 30 Jul 2026 23:59:59 GMT
GET /stats HTTP/1.1
Host: professionaltrafficmonitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://neoxsoftworks.eu
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
GET wearychallengeraise.com/ren.gif?sid=H4sIAAAAAAAC_1SSzYscVRfGb01m9y7CGz8WgliiCwWnp6qr-qPMIjEm0eBkEpJoFuriftXMdarrlvdWdXXGTXBEghBoRVAEofrpScZokLhxJ2qPK1sEW1wMmtnkHxADWUvPNAyexTnn3t_hcs5z7vuDYpcEKOjO-bN6XSUJXWzUPPeZyyoVurTu8iXX92reUfeySpvhUbc3dab7vB-ENe9Z9yXJ1_Ri3fM9z_d897QyMta9xT0Kld2O_Frk1cJ6zW-E6Jn_nm3hwFIHortLjkCJyeF78etQfIS0c-ektGu5zp471SkSmmuDrth6NV1LdZmic5DGxkGcbs2qoe2EkE_noNOt2QTQ3c3pBGBqQuYevQuWbs3aBOve2O-UJZApmPgfyu4IMhlB0RG43oASvxGACyyfQ9q5uaxNSa_sUzqlEzL_4D5UOSHzdx9G2vn6RKJ67kWdFLnSqUUvrqB6I6iVEbJiG_n6HFS5DZ6_CyV-JYsPlpB2Ns_ZREOJnaf9dtBoMa-xwOM2Xwi9ZmuB8Wa4wPygTZsBY02vtSeRikegdg6FdVAoB0XsoMgcdMSOG3rtkPs0aMaR4C0vpGEoJPOidt3zaMRbKPi09z7yrA-e9MHNVWTmKtZUH6b4AXa1ghUObE7QFRVKSVBagpISlIqgzAnKbnVDJLZuq5sisQXzZ7E-i0E11PnKgN7Q-YpMCajpw4hqU2Vv2w3w_NBwPbZiqKeOsrwaUiaqQbZL_j-V1fn8oz-wJnfcdshbLJIxa8TC89qs6Udey_d8KqKYScphVQVl50Ctg3U1IcvuRWRqQp56rw9Gt2GTbXD1CGjxOGhZga5WWE_vpFL3rI7zUps1W5MFhK6Q5fPIrziDZJc8trfcN17-C5KPjz95fONI-sl1cFMhMxXeUj8RrCTXhhd0STYv6NKSb85lueqodTpd_MWc5nL-y1fklVIbceak7d96gU_BNL19Sdp8iaZCpSuWfHVCCSHNaW24JN-dsZclO1_Y1ROFSYts6fyLp890MiOtVTodgaoJIbt_gqsJeWjpn71PHTZegzIjmKJCpxiTmYFnV2Gz8fEn7n97avDzj7CawCQHnGUOyqIamjo7uEzUhJz9-AskcnwMH1z_5d6tw6CsgpUHIjA5_v7v_fqhodMXqKoG9hpWjAOabyDtVOiaCt2kAk36sMWhYZ6Z8bHfgz0DS5whS4yzyRKTfLgvs1U7bqPOgma73ZRxU8SBCOqBiBqejEIaNcMobCC3k9V33vzs3wAAAP__C7vCZrYEAAA=
172.240.127.234 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/ren.gif?sid=H4sIAAAAAAAC_1SSzYscVRfGb01m9y7CGz8WgliiCwWnp6qr-qPMIjEm0eBkEpJoFuriftXMdarrlvdWdXXGTXBEghBoRVAEofrpScZokLhxJ2qPK1sEW1wMmtnkHxADWUvPNAyexTnn3t_hcs5z7vuDYpcEKOjO-bN6XSUJXWzUPPeZyyoVurTu8iXX92reUfeySpvhUbc3dab7vB-ENe9Z9yXJ1_Ri3fM9z_d897QyMta9xT0Kld2O_Frk1cJ6zW-E6Jn_nm3hwFIHortLjkCJyeF78etQfIS0c-ektGu5zp471SkSmmuDrth6NV1LdZmic5DGxkGcbs2qoe2EkE_noNOt2QTQ3c3pBGBqQuYevQuWbs3aBOve2O-UJZApmPgfyu4IMhlB0RG43oASvxGACyyfQ9q5uaxNSa_sUzqlEzL_4D5UOSHzdx9G2vn6RKJ67kWdFLnSqUUvrqB6I6iVEbJiG_n6HFS5DZ6_CyV-JYsPlpB2Ns_ZREOJnaf9dtBoMa-xwOM2Xwi9ZmuB8Wa4wPygTZsBY02vtSeRikegdg6FdVAoB0XsoMgcdMSOG3rtkPs0aMaR4C0vpGEoJPOidt3zaMRbKPi09z7yrA-e9MHNVWTmKtZUH6b4AXa1ghUObE7QFRVKSVBagpISlIqgzAnKbnVDJLZuq5sisQXzZ7E-i0E11PnKgN7Q-YpMCajpw4hqU2Vv2w3w_NBwPbZiqKeOsrwaUiaqQbZL_j-V1fn8oz-wJnfcdshbLJIxa8TC89qs6Udey_d8KqKYScphVQVl50Ctg3U1IcvuRWRqQp56rw9Gt2GTbXD1CGjxOGhZga5WWE_vpFL3rI7zUps1W5MFhK6Q5fPIrziDZJc8trfcN17-C5KPjz95fONI-sl1cFMhMxXeUj8RrCTXhhd0STYv6NKSb85lueqodTpd_MWc5nL-y1fklVIbceak7d96gU_BNL19Sdp8iaZCpSuWfHVCCSHNaW24JN-dsZclO1_Y1ROFSYts6fyLp890MiOtVTodgaoJIbt_gqsJeWjpn71PHTZegzIjmKJCpxiTmYFnV2Gz8fEn7n97avDzj7CawCQHnGUOyqIamjo7uEzUhJz9-AskcnwMH1z_5d6tw6CsgpUHIjA5_v7v_fqhodMXqKoG9hpWjAOabyDtVOiaCt2kAk36sMWhYZ6Z8bHfgz0DS5whS4yzyRKTfLgvs1U7bqPOgma73ZRxU8SBCOqBiBqejEIaNcMobCC3k9V33vzs3wAAAP__C7vCZrYEAAA=
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC_1SSzYscVRfGb01m9y7CGz8WgliiCwWnp6qr-qPMIjEm0eBkEpJoFuriftXMdarrlvdWdXXGTXBEghBoRVAEofrpScZokLhxJ2qPK1sEW1wMmtnkHxADWUvPNAyexTnn3t_hcs5z7vuDYpcEKOjO-bN6XSUJXWzUPPeZyyoVurTu8iXX92reUfeySpvhUbc3dab7vB-ENe9Z9yXJ1_Ri3fM9z_d897QyMta9xT0Kld2O_Frk1cJ6zW-E6Jn_nm3hwFIHortLjkCJyeF78etQfIS0c-ektGu5zp471SkSmmuDrth6NV1LdZmic5DGxkGcbs2qoe2EkE_noNOt2QTQ3c3pBGBqQuYevQuWbs3aBOve2O-UJZApmPgfyu4IMhlB0RG43oASvxGACyyfQ9q5uaxNSa_sUzqlEzL_4D5UOSHzdx9G2vn6RKJ67kWdFLnSqUUvrqB6I6iVEbJiG_n6HFS5DZ6_CyV-JYsPlpB2Ns_ZREOJnaf9dtBoMa-xwOM2Xwi9ZmuB8Wa4wPygTZsBY02vtSeRikegdg6FdVAoB0XsoMgcdMSOG3rtkPs0aMaR4C0vpGEoJPOidt3zaMRbKPi09z7yrA-e9MHNVWTmKtZUH6b4AXa1ghUObE7QFRVKSVBagpISlIqgzAnKbnVDJLZuq5sisQXzZ7E-i0E11PnKgN7Q-YpMCajpw4hqU2Vv2w3w_NBwPbZiqKeOsrwaUiaqQbZL_j-V1fn8oz-wJnfcdshbLJIxa8TC89qs6Udey_d8KqKYScphVQVl50Ctg3U1IcvuRWRqQp56rw9Gt2GTbXD1CGjxOGhZga5WWE_vpFL3rI7zUps1W5MFhK6Q5fPIrziDZJc8trfcN17-C5KPjz95fONI-sl1cFMhMxXeUj8RrCTXhhd0STYv6NKSb85lueqodTpd_MWc5nL-y1fklVIbceak7d96gU_BNL19Sdp8iaZCpSuWfHVCCSHNaW24JN-dsZclO1_Y1ROFSYts6fyLp890MiOtVTodgaoJIbt_gqsJeWjpn71PHTZegzIjmKJCpxiTmYFnV2Gz8fEn7n97avDzj7CawCQHnGUOyqIamjo7uEzUhJz9-AskcnwMH1z_5d6tw6CsgpUHIjA5_v7v_fqhodMXqKoG9hpWjAOabyDtVOiaCt2kAk36sMWhYZ6Z8bHfgz0DS5whS4yzyRKTfLgvs1U7bqPOgma73ZRxU8SBCOqBiBqejEIaNcMobCC3k9V33vzs3wAAAP__C7vCZrYEAAA= HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
access-control-allow-origin: *
vary: Origin
access-control-allow-credentials: true
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c1763d337376ba87ed24abf662170f20
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET cdn.show-sb.com/sb/notifications/utility/default/robot/3/index.html
172.67.170.115 200 OK 2.2 kB URL GET HTTPS
cdn.show-sb.com/sb/notifications/utility/default/robot/3/index.html
IP / ASN
172.67.170.115
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type HTML document, ASCII text
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 431
Size 2.2 kB (2218 bytes)
MD5 02f5dbb1330ff16517996ff3f06f9bac
SHA1 6c27e56a5d0173e4f518969906f71c1e37830a59
SHA256 ef0af1d5eb0bb2361e8ff64de642fb17e25a37cff8b0f5220eff0a1cb95c03ed
Certificate Info
Issuer Google Trust Services
Subject show-sb.com
Fingerprint DF:A8:5A:11:E9:7E:8B:0E:2E:08:20:FB:02:FE:C4:E3:E7:97:E8:3A
Validity Thu, 12 Jun 2025 07:26:41 GMT - Wed, 10 Sep 2025 08:25:04 GMT
GET /sb/notifications/utility/default/robot/3/index.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rWMg2Uut4akHpUjvg286lT1UZ1IRQbApYqD6WL9oAmG51hAvH8dXQXg3D%2FCUuzi4cfr5qcS%2F%2BmavaqzDaew3EheeQwrQo4sXcthx2C0%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 961900a94ccc5693-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET wearychallengeraise.com/sbar.json?key=84c7b9efb5fd008b61907101ad9fbeac&uuid=18357b05-cf8c-4067-bc64-b138a63bb607%3A2%3A1
172.240.127.234 200 OK 6.1 kB URL GET HTTPS
wearychallengeraise.com/sbar.json?key=84c7b9efb5fd008b61907101ad9fbeac&uuid=18357b05-cf8c-4067-bc64-b138a63bb607%3A2%3A1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type JSON text data
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 6.1 kB (6059 bytes)
MD5 78b4a4195f72636622e218c63d5a5a8b
SHA1 b24ddfe4c2fa7d2edc6ab7ddf4b1d499cdf01862
SHA256 75bb4c6d2a29871ff031feca0010840b8075d671db1e960e5f8f296fd28f4c7a
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=84c7b9efb5fd008b61907101ad9fbeac&uuid=18357b05-cf8c-4067-bc64-b138a63bb607%3A2%3A1 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
access-control-allow-origin: https://neoxsoftworks.eu
access-control-allow-credentials: true
set-cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; expires=Sat, 26 Jul 2025 08:55:54 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Sun, 20 Jul 2025 08:55:54 GMT; path=/; secure; SameSite=None
uncs=1; expires=Sun, 20 Jul 2025 08:55:54 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Sun, 20 Jul 2025 08:55:54 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Sun, 20 Jul 2025 08:55:54 GMT; path=/; secure; SameSite=None
u_pl27103957=1; expires=Sun, 20 Jul 2025 08:55:54 GMT; path=/; secure; SameSite=None
slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]; expires=Sat, 19 Jul 2025 08:55:59 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 214
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 17a5556e2578da3d88a77fc3a896671c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
GET wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fjs%2Fscript.js&l=10920&fd=643
172.240.127.234 200 OK 0 B URL GET HTTPS
wearychallengeraise.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fjs%2Fscript.js&l=10920&fd=643
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject wearychallengeraise.com
Fingerprint C2:9A:4F:D1:20:4F:D6:7B:AD:D9:F3:AE:DB:94:98:E2:A5:BE:EF:8B
Validity Thu, 19 Jun 2025 03:13:57 GMT - Wed, 17 Sep 2025 03:13:56 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F3%2Fjs%2Fscript.js&l=10920&fd=643 HTTP/1.1
Host: wearychallengeraise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: uid_id2=18357b05-cf8c-4067-bc64-b138a63bb607:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl27103957=1; slec84c7b9efb5fd008b61907101ad9fbeac=[6047964]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:56 GMT
Content-Length: 0
Connection: keep-alive
x-envoy-upstream-service-time: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET skinnycrawlinglax.com/pixel/purst?dl=0&th=0&sc=0&rs=870&rd=870&fd=565&bv=25.7.6656&tmpl=70
192.243.59.12 200 OK 0 B URL GET HTTPS
skinnycrawlinglax.com/pixel/purst?dl=0&th=0&sc=0&rs=870&rd=870&fd=565&bv=25.7.6656&tmpl=70
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-05
Times Seen 5676336
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject skinnycrawlinglax.com
Fingerprint 4A:6A:48:C8:5B:C5:2B:2E:9C:03:AF:BF:4C:E6:10:23:E2:7B:EA:97
Validity Sat, 28 Jun 2025 22:21:33 GMT - Fri, 26 Sep 2025 22:21:32 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=870&rd=870&fd=565&bv=25.7.6656&tmpl=70 HTTP/1.1
Host: skinnycrawlinglax.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Jul 2025 08:55:53 GMT
Content-Length: 0
Connection: keep-alive
Host: skinnycrawlinglax.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET preferencenail.com/sfp.js
185.196.197.72 200 OK 85 kB URL GET HTTPS
preferencenail.com/sfp.js
IP / ASN
185.196.197.72
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-07-08
Last Seen 2025-08-05
Times Seen 2299
Size 85 kB (85386 bytes)
MD5 46a6fef91632b94d14252fe324c1585f
SHA1 387cebbd261b8fe947fe9805875300f2ceeb5cfd
SHA256 36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5
Certificate Info
Issuer Let's Encrypt
Subject preferencenail.com
Fingerprint F9:52:70:4B:81:A8:F8:39:E6:E7:96:8F:EA:FE:17:FD:96:C5:32:E3
Validity Tue, 01 Jul 2025 15:11:38 GMT - Mon, 29 Sep 2025 15:11:37 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: preferencenail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 19 Jul 2025 08:55:53 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28254
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: preferencenail.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 03ce5a4571a91a0f4c19c0d899f7b735
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
142.250.178.99 200 OK 48 kB URL GET HTTPS
fonts.gstatic.com/s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 48532, version 1.0
First Seen 2025-05-29
Last Seen 2025-08-05
Times Seen 9337
Size 48 kB (48532 bytes)
MD5 225835e6e0496c54dc2aca9f3d533892
SHA1 942ef5298bbe74bfe44e445def5f2bfc94027fa8
SHA256 acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/inter/v19/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://neoxsoftworks.eu
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48532
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Jul 2025 17:15:50 GMT
expires: Fri, 17 Jul 2026 17:15:50 GMT
cache-control: public, max-age=31536000
age: 142803
last-modified: Wed, 28 May 2025 18:51:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET neoxsoftworks.eu/favicon.svg
147.93.84.91 200 OK 2.7 kB URL GET HTTPS
neoxsoftworks.eu/favicon.svg
IP / ASN
147.93.84.91
#0
Requested by https://neoxsoftworks.eu/
Resource Info
File type SVG Scalable Vector Graphics image
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 2.7 kB (2704 bytes)
MD5 81345b7555aa8fab633d628046860be2
SHA1 934fa993293a754eee82a5897498843a1c0aefa0
SHA256 1805f15176efb75aa6be461a84769aeb29cc5ad39b8e0b72a421637e9b71a41f
Certificate Info
Issuer Let's Encrypt
Subject neoxsoftworks.eu
Fingerprint C0:4E:B8:E5:2B:33:98:0E:7B:91:CE:E6:1B:9C:9A:09:E1:71:93:BA
Validity Fri, 04 Jul 2025 09:48:06 GMT - Thu, 02 Oct 2025 09:48:05 GMT
GET /favicon.svg HTTP/1.1
Host: neoxsoftworks.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=18357b05-cf8c-4067-bc64-b138a63bb607%3A2%3A1; pp_main_9a6288a8e154f7f2e1b335af4d7df9c0=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.26.3 (Ubuntu)
Date: Sat, 19 Jul 2025 08:55:54 GMT
Content-Type: image/svg+xml
Content-Length: 2704
Last-Modified: Wed, 09 Jul 2025 00:15:08 GMT
Connection: keep-alive
ETag: "686db48c-a90"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Accept-Ranges: bytes
147.93.84.91 200 OK 20 kB URL User Request GET HTTPS
neoxsoftworks.eu/
IP / ASN
147.93.84.91
#0
Resource Info
File type HTML document, ASCII text, with very long lines (10445)
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 20 kB (20326 bytes)
MD5 b320266c1b320214579fbe731be75deb
SHA1 1caf09126932426890be8b9af14bd645b9370aec
SHA256 2c423f6f3316da93b151d6f3b7adb17c2d9c76a34721937b991eb2e07c365147
Certificate Info
Issuer Let's Encrypt
Subject neoxsoftworks.eu
Fingerprint C0:4E:B8:E5:2B:33:98:0E:7B:91:CE:E6:1B:9C:9A:09:E1:71:93:BA
Validity Fri, 04 Jul 2025 09:48:06 GMT - Thu, 02 Oct 2025 09:48:05 GMT
GET / HTTP/1.1
Host: neoxsoftworks.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.26.3 (Ubuntu)
Date: Sat, 19 Jul 2025 08:55:52 GMT
Content-Type: text/html
Last-Modified: Sat, 19 Jul 2025 07:05:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"687b43a0-4f66"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Content-Encoding: gzip
GET worryinginadmissible.com/9a/62/88/9a6288a8e154f7f2e1b335af4d7df9c0.js
192.243.59.12 200 OK 104 kB URL GET HTTPS
worryinginadmissible.com/9a/62/88/9a6288a8e154f7f2e1b335af4d7df9c0.js
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://neoxsoftworks.eu/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-07-19
Last Seen 2025-07-19
Times Seen 1
Size 104 kB (104191 bytes)
MD5 466da96c4465266fcf6027d45a07759d
SHA1 5bdfe27afe2ff07c844667c3984b3777395f73b0
SHA256 a49586b8a339a65b1c7dce32bcf0d33dcbdc5a1eb346f67ac2c1e538ed5c2046
Certificate Info
Issuer Let's Encrypt
Subject worryinginadmissible.com
Fingerprint 13:05:01:D7:E3:42:17:9E:8A:FE:6D:DE:9D:02:58:3B:B9:4F:CF:47
Validity Tue, 15 Jul 2025 09:52:12 GMT - Mon, 13 Oct 2025 09:52:11 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /9a/62/88/9a6288a8e154f7f2e1b335af4d7df9c0.js HTTP/1.1
Host: worryinginadmissible.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 19 Jul 2025 08:55:53 GMT
Content-Type: application/javascript
Content-Length: 32874
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: worryinginadmissible.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 2138b916b72d662cc19684a713fd0aae
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
142.250.178.74 200 OK 10 kB URL GET HTTPS
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
IP / ASN
142.250.178.74
#15169 GOOGLE
Requested by https://neoxsoftworks.eu/
Resource Info
File type ASCII text
First Seen 2025-05-29
Last Seen 2025-08-05
Times Seen 1589
Size 10 kB (10108 bytes)
MD5 eea55531c78093c1f80ece9ef6485401
SHA1 406db5cf6ad96dd0b4f7b40dab664c24605e63be
SHA256 b984ffbaf076dc36a9c279697c9eed1539c031769c94aba15ea9b0c4782ddb1a
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint DC:40:BF:B1:59:C9:CC:B5:4A:38:2D:D0:16:8D:06:A5:1D:B4:08:8B
Validity Mon, 23 Jun 2025 08:41:28 GMT - Mon, 15 Sep 2025 08:41:27 GMT
GET /css2?family=Inter:wght@400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://neoxsoftworks.eu/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Jul 2025 08:55:53 GMT
date: Sat, 19 Jul 2025 08:55:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/cap.png
104.21.16.1 200 OK 10 kB URL GET HTTPS
cdn.creative-sb1.com/sb/notifications/utility/default/robot/3/img/cap.png
IP / ASN
104.21.16.1
#13335 CLOUDFLARENET
Requested by https://neoxsoftworks.eu/
Resource Info
File type PNG image data, 413 x 104, 8-bit/color RGB, non-interlaced
First Seen 2025-07-04
Last Seen 2025-08-01
Times Seen 425
Size 10 kB (9969 bytes)
MD5 cd399821f365e9b2e08a8db38a7bf686
SHA1 94a95b55d5c755df8c30f7b2a80022ad014ab2b5
SHA256 f6fe4493007eb93efc7760942585342f506295cff8ca86432bde23fe256ccdb3
Certificate Info
Issuer Google Trust Services
Subject creative-sb1.com
Fingerprint CD:76:E0:2A:28:09:08:24:2D:4C:A1:14:B2:AE:6C:39:A4:CC:2F:6B
Validity Tue, 01 Jul 2025 14:01:22 GMT - Mon, 29 Sep 2025 14:59:36 GMT
GET /sb/notifications/utility/default/robot/3/img/cap.png HTTP/1.1
Host: cdn.creative-sb1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Jul 2025 08:55:55 GMT
content-type: image/png
content-length: 9969
server: cloudflare
last-modified: Mon, 30 Jun 2025 11:15:07 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "686271bb-26f1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 25415
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=N%2FA7h6W4arH4aHXZGoiF2m4Nhe0A3yVdqJ5oX9cxN9bQSolwY9caaGkWrX3LVZJoCWRcf1WjVaOCYjIffQ2dlXop1kW5iaTXa1mS3qL9Lz50xg%3D%3D"}]}
cf-ray: 961900ab29ea0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2