Report - htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html

Report Overview

Visited public
2025-04-26 06:30:09
Tags
URL
htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html
Finishing URL
google.com/404
IP / ASN
185.199.111.153
#54113 FASTLY
Title
Error 404 (Not Found)!!1

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
htmlpreview.github.io	unknown	2013-03-08	2013-12-05	2025-04-16	1.7 kB	18 kB	185.199.111.153
proxirelay.com	unknown	unknown	No data	No data	524 B	1.9 kB	193.143.1.169
google.com	1	1997-09-15	2013-10-02	2025-04-23	592 B	1.8 kB	142.250.74.78
www.google.com	7	1997-09-15	2015-05-10	2025-04-23	996 B	11 kB	142.250.178.100
gist.githubusercontent.com	36903	2014-02-06	2014-02-19	2025-04-23	516 B	2.5 kB	185.199.108.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-26 06:29:39	medium	193.143.1.169	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 37

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	htmlpreview.github.io/htmlpreview.js	ScriptElement	4.7 kB	2023-03-14	2025-04-26
Pretty URL htmlpreview.github.io/htmlpreview.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:55 Last Seen2025-04-26 06:30 Times Seen10 Hash dda994c4fc9b9d812cf528f7001eeccd 86963cc3558673a993493dd21e810d1928d9aed9 68636cf5930de24848122bb2f2650a20bc160d9e99377454ca084861c05f8842 Loading...

	htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html	ScriptElement	100 B	2025-04-26	2025-04-26
Pretty URL htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-26 06:30 Last Seen2025-04-26 06:30 Times Seen1 Hash 1de47b08b8f316d1ca47cab63bf1a3a4 e336fcf47b439aa2b4502ad75cf5ca55331d70c0 db36fb028ff8baa1487fd940cbd18539e8e2bc7d778366bc84ea27a880926c72 Loading...

		Size	First Seen	Last Seen
	#1 Write - 3babf3524c5627e7f5da5039939b9357	1.7 kB	2025-04-26 06:30	2025-04-26 06:30
Pretty Observations First Seen2025-04-26 06:30 Last Seen2025-04-26 06:30 Times Seen1 Hash 3babf3524c5627e7f5da5039939b9357 79ff2312edc8fc7b13058a2b43006d2309ffbd6a e59d302cc13498548d1c64f58fac9cdaca16fd521d316c646ead8283338c3f0c Loading...

HTTP Transactions (8)

	URL	IP	Response	Size
	htmlpreview.github.io/htmlpreview.js	185.199.111.153	200 OK	4.7 kB
URL GET htmlpreview.github.io/htmlpreview.js IP 185.199.111.153:443 ASN #54113 FASTLY Requested by https://htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html Certificate IssuerSectigo Limited Subject.github.io Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91 ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (322) Size 4.7 kB (4664 bytes) Hash dda994c4fc9b9d812cf528f7001eeccd 86963cc3558673a993493dd21e810d1928d9aed9 68636cf5930de24848122bb2f2650a20bc160d9e99377454ca084861c05f8842 HTTP Headers GET /htmlpreview.js HTTP/1.1 Host: htmlpreview.github.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: GitHub.com content-type: application/javascript; charset=utf-8 permissions-policy: interest-cohort=() last-modified: Sun, 11 Jul 2021 09:15:51 GMT access-control-allow-origin: * etag: W/"60eab6c7-1238" expires: Fri, 25 Apr 2025 21:22:04 GMT cache-control: max-age=600 content-encoding: gzip x-proxy-cache: MISS x-github-request-id: E259:149677:DF984D:E1A62A:680BFAA4 accept-ranges: bytes date: Sat, 26 Apr 2025 06:29:38 GMT via: 1.1 varnish age: 0 x-served-by: cache-hel1410024-HEL x-cache: HIT x-cache-hits: 4 x-timer: S1745648978.237713,VS0,VE125 vary: Accept-Encoding x-fastly-request-id: 9bce13987a8e1e47149e6abfaf86336dd338f8a9 content-length: 1566 X-Firefox-Spdy: h2

	proxirelay.com/	193.143.1.169	302 Found	1.6 kB
URL User Request GET proxirelay.com/ IP 193.143.1.169:443 ASN #198953 Proton66 OOO Certificate IssuerLet's Encrypt Subjectproxirelay.com Fingerprint8F:AA:1E:A9:B2:1C:A7:68:17:38:44:EA:0E:DC:14:F7:EC:20:E1:ED ValidityFri, 25 Apr 2025 00:31:07 GMT - Thu, 24 Jul 2025 00:31:06 GMT File type Size 1.6 kB (1564 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: proxirelay.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://htmlpreview.github.io/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found server: nginx date: Sat, 26 Apr 2025 06:29:40 GMT content-type: text/html; charset=UTF-8 expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache set-cookie: PHPSESSID=nve6la0e4i1uvtkao3eaepemt2; path=/ location: https://google.com/404 x-powered-by: PHP/8.3.20, PleskLin X-Firefox-Spdy: h2`

	google.com/404	142.250.74.78	404 Not Found	1.6 kB
URL User Request GET google.com/404 IP 142.250.74.78:443 ASN #15169 GOOGLE Certificate IssuerGoogle Trust Services Subject.google.com Fingerprint67:52:2F:AB:93:DE:39:DA:94:50:11:AE:8B:37:CB:88:8F:DC:56:7D ValidityMon, 31 Mar 2025 08:54:37 GMT - Mon, 23 Jun 2025 08:54:36 GMT File type HTML document, Unicode text, UTF-8 text, with very long lines (1136) Size 1.6 kB (1564 bytes) Hash eedc418e44c986823cb7d61274416834 ecce6db88ead74446bdbdede37152688ea73d344 c3d40562984207ca4629d46c875d119e200efb45bbf270eba900fce4262bfe9f HTTP Headers GET /404 HTTP/1.1 Host: google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://htmlpreview.github.io/ DNT: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 referrer-policy: no-referrer content-length: 1564 date: Sat, 26 Apr 2025 06:29:40 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png	142.250.178.100	200 OK	3.2 kB
URL GET www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png IP 142.250.178.100:443 ASN #15169 GOOGLE Requested by https://google.com/404 Certificate IssuerGoogle Trust Services Subjectwww.google.com FingerprintD0:D7:4C:27:9F:7B:15:26:DB:1E:8C:54:8C:59:28:47:E4:A8:63:68 ValidityMon, 31 Mar 2025 08:56:27 GMT - Mon, 23 Jun 2025 08:56:26 GMT File type PNG image data, 150 x 54, 8-bit/color RGBA, non-interlaced Size 3.2 kB (3170 bytes) Hash 9d73b3aa30bce9d8f166de5178ae4338 d0cbc46850d8ed54625a3b2b01a2c31f37977e75 dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139 HTTP Headers `GET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-type: image/png cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 3170 date: Sat, 26 Apr 2025 06:29:41 GMT expires: Sat, 26 Apr 2025 06:29:41 GMT cache-control: private, max-age=31536000 last-modified: Tue, 22 Oct 2019 18:30:00 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/images/errors/robot.png	142.250.178.100	200 OK	6.3 kB
URL GET www.google.com/images/errors/robot.png IP 142.250.178.100:443 ASN #15169 GOOGLE Requested by https://google.com/404 Certificate IssuerGoogle Trust Services Subjectwww.google.com FingerprintD0:D7:4C:27:9F:7B:15:26:DB:1E:8C:54:8C:59:28:47:E4:A8:63:68 ValidityMon, 31 Mar 2025 08:56:27 GMT - Mon, 23 Jun 2025 08:56:26 GMT File type PNG image data, 171 x 213, 8-bit colormap, non-interlaced Size 6.3 kB (6327 bytes) Hash 4c9acf280b47cef7def3fc91a34c7ffe c32bb847daf52117ab93b723d7c57d8b1e75d36b 5f9fc5b3fbddf0e72c5c56cdcfc81c6e10c617d70b1b93fbe1e4679a8797bff7 HTTP Headers `GET /images/errors/robot.png HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable" report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-length: 6327 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 21 Apr 2025 13:15:16 GMT expires: Tue, 21 Apr 2026 13:15:16 GMT cache-control: public, max-age=31536000 age: 407665 last-modified: Tue, 22 Oct 2019 18:30:00 GMT content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html	185.199.111.153	200 OK	1.3 kB
URL User Request GET htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html IP 185.199.111.153:443 ASN #54113 FASTLY Certificate IssuerSectigo Limited Subject.github.io Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91 ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT File type HTML document, ASCII text Size 1.3 kB (1269 bytes) Hash 00fea4290c2fb473a36da40ac1987f35 5069f27b01308f3cf71c9d7f3a5c924e3a91b243 5497ad8c2cbbc4e89f76417df799a907f3dab0f387802d7fc763fffd0a960e71 HTTP Headers GET /?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html HTTP/1.1 Host: htmlpreview.github.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK server: GitHub.com content-type: text/html; charset=utf-8 permissions-policy: interest-cohort=() last-modified: Sun, 11 Jul 2021 09:15:51 GMT access-control-allow-origin: etag: W/"60eab6c7-4f5" expires: Thu, 24 Apr 2025 02:16:32 GMT cache-control: max-age=600 content-encoding: gzip x-proxy-cache: MISS x-github-request-id: 3F14:3D339D:4167E6F:41FA010:68099CA8 accept-ranges: bytes age: 0 date: Sat, 26 Apr 2025 06:29:37 GMT via: 1.1 varnish x-served-by: cache-hel1410024-HEL x-cache: HIT x-cache-hits: 0 x-timer: S1745648978.648150,VS0,VE132 vary: Accept-Encoding x-fastly-request-id: 84e95c71f9d04f097200976b9f0825bf69331066 content-length: 680 X-Firefox-Spdy: h2

	gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html	185.199.108.133	200 OK	1.6 kB
URL GET gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html IP 185.199.108.133:443 ASN #54113 FASTLY Requested by https://htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html Certificate IssuerSectigo Limited Subject.github.io Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91 ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT File type HTML document, ASCII text Size 1.6 kB (1610 bytes) Hash ae82b7c64d9d6f025d6d60f9f3c0908b 4735074d54a73f16457c8843c7d881a545895b13 71412e791901a72ca3747f02a0997b034a624f9afebb7bb575aae217432a1653 HTTP Headers `GET /CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html HTTP/1.1 Host: gist.githubusercontent.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://htmlpreview.github.io/ Origin: https://htmlpreview.github.io DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK cache-control: max-age=300 content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox content-type: text/plain; charset=utf-8 etag: W/"c456501465bb6c2fc33638fd1b68751af7aea86b4cab219e2e62931a9da1782e" strict-transport-security: max-age=31536000 x-content-type-options: nosniff x-frame-options: deny x-xss-protection: 1; mode=block x-github-request-id: C786:5C80D:EC688B:10A5362:680C7D52 accept-ranges: bytes date: Sat, 26 Apr 2025 06:29:38 GMT via: 1.1 varnish x-served-by: cache-hel1410025-HEL x-cache: MISS x-cache-hits: 0 x-timer: S1745648978.480303,VS0,VE173 vary: Authorization,Accept-Encoding,Origin access-control-allow-origin: * cross-origin-resource-policy: cross-origin x-fastly-request-id: 4087a375bcce5a282a354b110e11996c5b30983a expires: Sat, 26 Apr 2025 06:34:38 GMT source-age: 0 content-length: 1610 X-Firefox-Spdy: h2

	htmlpreview.github.io/favicon.ico	185.199.111.153	404 Not Found	9.4 kB
URL GET htmlpreview.github.io/favicon.ico IP 185.199.111.153:443 ASN #54113 FASTLY Requested by https://htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html Certificate IssuerSectigo Limited Subject.github.io Fingerprint8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91 ValidityFri, 07 Mar 2025 00:00:00 GMT - Sat, 07 Mar 2026 23:59:59 GMT File type HTML document, ASCII text, with very long lines (3909) Size 9.4 kB (9379 bytes) Hash c1f9838a645648cb3b25359f7890a288 0cf12d25140e329bcb4c304feefce63f8f0ba7b3 b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368 HTTP Headers GET /favicon.ico HTTP/1.1 Host: htmlpreview.github.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://htmlpreview.github.io/?https://gist.githubusercontent.com/CobaltBPS/5f29828e72436812426db645204aeede/raw/redirect.html Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 404 Not Found server: GitHub.com content-type: text/html; charset=utf-8 permissions-policy: interest-cohort=() access-control-allow-origin: * etag: W/"64d248ca-24a3" content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self' content-encoding: gzip x-proxy-cache: MISS x-github-request-id: DBDB:5EEDD:187E12E:18B9101:680C78DB accept-ranges: bytes age: 1143 date: Sat, 26 Apr 2025 06:29:38 GMT via: 1.1 varnish x-served-by: cache-hel1410024-HEL x-cache: HIT x-cache-hits: 0 x-timer: S1745648979.508986,VS0,VE1 vary: Accept-Encoding x-fastly-request-id: 9f5c6c11c69dd2484739c1c2dd17d54db452fffb content-length: 5254 X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (8)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers