Report - carboxatling.pro/

Report Overview

Visited public
2024-12-27 13:13:19
Tags
URL
carboxatling.pro/
Finishing URL
carboxatling.pro/?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504&id=42
IP / ASN
172.67.188.97
#13335 CLOUDFLARENET
Title
Top news of the week

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

108

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-25	2.1 kB	78 kB	142.250.74.99
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-25	462 B	1.9 kB	142.250.74.106
subscribe.swgotapush.com	unknown	2024-07-22	2024-08-01	2024-12-22	1.1 kB	2.2 kB	188.114.96.1
carboxatling.pro	unknown	2024-05-09	2024-12-27	2024-12-27	32 kB	1.4 MB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	swgotapush.com	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	swgotapush.com	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed
2024-12-27	medium	carboxatling.pro	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	carboxatling.pro/_nuxt/DbAbcG7r.js	ImportedModule	7.7 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/DbAbcG7r.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 4695daeca6b605aeaef6459f8876f703 4d3c86cac0a7bf9bc7db5d9682574d814222e8cf 1cb15617110a8586ada637fb4c6dad4b0456831c93bec1443c153179ac2ba460 Loading...

	carboxatling.pro/_nuxt/vnHShMTM.js	ImportedModule	307 B	2024-11-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/vnHShMTM.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-11-19 20:11 Last Seen2025-01-14 08:10 Times Seen236 Hash 29b448f57c23c885610fb8e7f8ebb2ed e5532fcef9fd4899128162f4b6ce51540cb67ff5 a3997153640d2fbe2a4808bb6631114dec17e45573125b33869cadeaeaa7e6c7 Loading...

	carboxatling.pro/_nuxt/DJKhqW6V.js	ScriptElement	4.8 kB	2024-12-18	2025-01-14
Pretty URL carboxatling.pro/_nuxt/DJKhqW6V.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-18 23:33 Last Seen2025-01-14 08:10 Times Seen212 Hash 9cdf87475f012b62aa9ac08c986470be fc25db9027e864ca2709712ed2960aa7d893f37e 04c737d419f8c913e821aec88aeccedebe4754dcebdcacd0d6610bf71914418f Loading...

	carboxatling.pro/	ScriptElement	80 kB	2024-12-27	2024-12-27
Pretty URL carboxatling.pro/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-27 13:13 Last Seen2024-12-27 13:13 Times Seen1 Hash 6a0d9c3bbdbd38b47eb742638c224f15 f40b0efdbb267520ef2af00ace9dcd8ae8258d00 41acaf5dead40698f245724176867686e25596a77e2d985aad9f6b9628b2d780 Loading...

	carboxatling.pro/_nuxt/CNBkLS2w.js	ImportedModule	586 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/CNBkLS2w.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 18ed35957446c6ebb84a4de70fe60973 acf1bf00261cfdb93f97da943d58da3acc4720cb eb3e3f1fe7c9bf7eccab70cb0135e13ef8f1c65ec70bc829e5a5c87f7d0d6136 Loading...

	carboxatling.pro/_nuxt/tkqtS-zy.js	ImportedModule	2.6 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/tkqtS-zy.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 980c923241bb409758228a6bdc99a7a6 0f01fbbef7db7a25d514fdfd533022e2f8a70718 2b6c3194bb621bccb559d89621ec3a49542364acb632f1c0a446515f0c7e60d8 Loading...

	carboxatling.pro/_nuxt/D8AK1za9.js	ImportedModule	103 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/D8AK1za9.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 0e36a6d672ed92825587c6b0524d9908 700768ac5271a3f30715c3f3a29e1b50691c91ce 5b3b58d6cf74f7d58f66b61185ac09305448654c632c92519823642f8a254947 Loading...

	carboxatling.pro/_nuxt/BRNg2fBp.js	ScriptElement	277 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/BRNg2fBp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 40eeea57619bc578c83449774f30766d 649737fe0b7721deb33495bfe0c182ebaf78fa18 a40a9dbd39215b939446886d6f6e9141f4bf3e47cc2c4934180c6cb39290ab1e Loading...

	carboxatling.pro/_nuxt/BK5thrQs.js	ImportedModule	100 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/BK5thrQs.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 0b0ed22f61d2dec37c50b28bcc97c1a8 fc58dbf029c7f3c34d20a18c27b10c2849d1edf1 50e4eff01c0a2cb9f522a8720ef092a0eedce17bb3188b531acabd4a1e200119 Loading...

	carboxatling.pro/_nuxt/A9yumdvT.js	ImportedModule	685 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/A9yumdvT.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 14:06 Last Seen2025-01-14 08:10 Times Seen95 Hash a6e9434eb18693c37b6d1f68a17d3603 11ded794c4f47eaf97c10beadec6439e6fea0987 41d3fa5fa6e52b937dd431158b111fa0dfaadc582d903f0ff5be7cb045843e1d Loading...

	carboxatling.pro/_nuxt/BRBj6No2.js	ImportedModule	255 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/BRBj6No2.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 540242550e8dd0dd988d2ea1e7236c9c 91a06fc8adf49b7f98892502cf415fd2d3384484 f0c59329ccf016e65be7e056edc0763b8e0fd08434446069c222146c7e291283 Loading...

	carboxatling.pro/_nuxt/DKzjMyrj.js	ImportedModule	146 B	2024-11-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/DKzjMyrj.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-11-19 20:11 Last Seen2025-01-14 08:10 Times Seen213 Hash aa2a14106591d0675054f995e7d58dc1 e776ffd0abbf2fb09c21c77af6d3b2485d2043ea c382764ab13ca5406a42f7aaf13b15802ccb2f981fe9a6d9bb8d1264c7c57ddb Loading...

	carboxatling.pro/	ScriptElement	162 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/ IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 1f17503f800d353a69d39a8ef5752410 2c02641a6a17172a11bfaba1b3a34e0bfdd89e26 ed8fe46c0c4282680e9eff4f032dc6e07f46e7fbf5f2ea12b4bb811900392760 Loading...

	carboxatling.pro/_nuxt/CTyyZwgn.js	ImportedModule	91 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/CTyyZwgn.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 14:06 Last Seen2025-01-14 08:10 Times Seen117 Hash 8ff40e56b184130927f7136c9d9d5217 4b2067842581799fc11f289c121a98ac16a926c8 79037c92a31a4b9836f69fe063bb95492a4a589ac14473a8174cbf500b722649 Loading...

	carboxatling.pro/_nuxt/D1lHC0qF.js	ImportedModule	5.6 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/D1lHC0qF.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash eb36f0d9550cec68125a6e6615704489 a4913b61e1125f3fba7c180b9d99d5c51d4d1dbe 0150cbd56d297843427783fa13d38e75c65c8a17d608c5219287d154c78e71af Loading...

	carboxatling.pro/_nuxt/CG1ZRPRh.js	ImportedModule	20 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/CG1ZRPRh.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 1ce79adc49790f6d515b7addc5bc734e bd980dd044bce75f7088f3532fa02075a887ffb8 35a3ffa6c0ad4543996f6c62f17603816d50e606cb86790ba552a94b0b1cbabe Loading...

	carboxatling.pro/_nuxt/Ve_9shmk.js	ImportedModule	7.3 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/Ve_9shmk.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 14:06 Last Seen2025-01-14 08:10 Times Seen95 Hash 23f69fbda46c8330afb2cee8a72fc14d d990f3f66a4b3850dce401b8a7b2bd701e5f875b 2e5bde2b045685c3cae8c73bcadd634316aaffc91ca8f663df0a96807d231096 Loading...

	carboxatling.pro/_nuxt/Dy3GFlJH.js	ImportedModule	6.6 kB	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/Dy3GFlJH.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen128 Hash ac9ce0d84c9791508750e0389f194bcc ab87468030d6c02552689fab2fe33d06247aed88 82af6a8a50933cf63d3c75c21f699ed0f0d36ce555173f011b1449dbc7b5fbcc Loading...

	carboxatling.pro/_nuxt/DDfGOg_6.js	ScriptElement	452 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/DDfGOg_6.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 14:06 Last Seen2025-01-14 08:10 Times Seen95 Hash 01ca8ce90a5a5714f98dd3b0cc333ed7 b593ee35de05cd91052a8c901e694770527b7d35 2825d71838cf0f66546bdb906854aea5b2963c5b7568abe82704410ee2c39245 Loading...

	carboxatling.pro/_nuxt/47uhC8fP.js	ScriptElement	351 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/47uhC8fP.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 14:06 Last Seen2025-01-14 08:10 Times Seen95 Hash 205d49f4b1382285dce576d19675d555 fd6e022f82a168886a8fcf607598fa0f48df3983 f5e29d72e0da0076388c9b93adb208c860a401c7ea4c42b93c64f91d9e50adcb Loading...

	carboxatling.pro/_nuxt/yeSBswzV.js	ImportedModule	847 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/yeSBswzV.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash 628eefd5361f612a58a971f76a415999 bd7928b64b6ed4d3245f91bab38fff01d8b4eacd cee59e5fea7293879ec8cb9ee1f06876d579b085ab44c9a1c706011463464a1e Loading...

	carboxatling.pro/_nuxt/B2-mJ7ah.js	ImportedModule	104 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/B2-mJ7ah.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen128 Hash 591af3c5053227c54d3e6b89fc1155c1 06f46651a76ec550db0946c37e53bdedd5c3de37 6f73a6c854bc77174205398a1b74f4406f149c9a795ca5a4c029a47c07653222 Loading...

	carboxatling.pro/_nuxt/fpPkKohB.js	ScriptElement	73 B	2024-12-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/fpPkKohB.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-19 09:05 Last Seen2025-01-14 08:10 Times Seen150 Hash dcb009ecede7dd963ae2fe84019595e0 233adf6ad9596b8b9fe0b48a0cd43a5a34b4a719 1a5a9f6b6d1df66b0387e546f4b4d4fc200eda7f53764d2787da121e49ac00d8 Loading...

	carboxatling.pro/_nuxt/CsZ_Y7xb.js	ImportedModule	791 B	2024-11-19	2025-01-14
Pretty URL carboxatling.pro/_nuxt/CsZ_Y7xb.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-11-19 20:11 Last Seen2025-01-14 08:10 Times Seen236 Hash 5d351afe244cfca840f9b4fef854774e df38b29b483c54bc978c0e0025c082d588656f5d de630b4f034420addf71b5ec4f16f774cd8e48119a117d44ef4d2bbd30d4aa04 Loading...

		Size	First Seen	Last Seen
	#1 Eval - cd2c9984543af27f50d45e1ec49db8bd	60 kB	2024-12-06 17:30	2025-01-08 10:12
Pretty Observations First Seen2024-12-06 17:30 Last Seen2025-01-08 10:12 Times Seen233 Hash cd2c9984543af27f50d45e1ec49db8bd 844c2853b6b53dcb7a42eeb3326900a1bd7bc918 81a705617d0dc667bed9397947715ba5daa60e8cfb4bd454a735706efca5b1d8 Loading...

	#2 Eval - 5da27f39276810c51c3f59708089b1e9	16 B	2024-12-27 13:13	2024-12-27 13:13
Pretty Observations First Seen2024-12-27 13:13 Last Seen2024-12-27 13:13 Times Seen1 Hash 5da27f39276810c51c3f59708089b1e9 b80c62705ae3ef22a803264de6f5bc5bcfe8c20b 4f4d4837cc366dc3f8c2d653b9391c72836f9b40093c347fb306e8b1558d92ca Loading...

HTTP Transactions (59)

URL IP Response Size

carboxatling.pro/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp

188.114.97.1

200 OK

6.1 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.1 kB (6064 bytes)
Hash
d8e163aff7b938bc19d67ce4f8a7e948
b433e43df282df096ef1706895296f4d52542001
56f696d0a1aa8f113ecf3b8727f0282b2c035651f56fff90c3d33e848ea9a5c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/6512bd/65563ea244d6e/0cd65563ea244d85.webp HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:52 GMT
content-type: image/webp
content-length: 6064
last-modified: Thu, 16 Nov 2023 16:09:06 GMT
etag: "65563ea2-17b0"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhIoNn%2BCisowhWMOebOurbbu1996ROHt6WeG0j68ungvDd8HUct1ZqG6I129TJJbV2uXhUReMnsBAIQhvelkda9%2BtMbwML7p2yfTxhbx2deHu6MM1tzg5uV9bbIJPjHeLHlP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990926f83b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3832&min_rtt=2601&rtt_var=1854&sent=26&recv=28&lost=0&retrans=0&sent_bytes=4499&recv_bytes=10815&delivery_rate=228361&cwnd=12000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=332&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp

188.114.97.1

200 OK

32 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (32264 bytes)
Hash
d17d60a2e79ccae6e72bc68232617491
359fe3b61c3545948c56548c4bd775c1214388b6
4c30c33481e95187ec9f5413576058092ed9aa64549e6e2367c7c41e66f9d93f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f4672d327fb/0cd65f4672d327ed.webp HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:52 GMT
content-type: image/webp
content-length: 32264
last-modified: Fri, 15 Mar 2024 15:20:16 GMT
etag: "65f46730-7e08"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7oXXe7cMkQTzCs1Uyv3SrmpkU0Euwm64sXGOHUnnQM1WoUEW%2F4s6z2rrmlZ%2BIdKrFr1uqrK960QARfohzDpdLAGITyvz2idOtfg6%2BE8mO5Zpr3vUnWkirB6PvT5cWG8cAHG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990926f7cb50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3471&min_rtt=1526&rtt_var=1723&sent=36&recv=30&lost=0&retrans=0&sent_bytes=15578&recv_bytes=10903&delivery_rate=2129041&cwnd=12000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=353&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp

188.114.97.1

200 OK

25 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
25 kB (24686 bytes)
Hash
c4f03d67997708a24c6e5418b266db68
2ae0bc0b59199667c8d190bc50572f2b78d691bc
1526ba8494ffe3e261ad5950f07cdb189dab5da5660fd35c40c10d413ce06a5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f199dbe9e54/0cd65f199dbe9e3b.webp HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:52 GMT
content-type: image/webp
content-length: 24686
last-modified: Wed, 13 Mar 2024 12:19:41 GMT
etag: "65f199dd-606e"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcXjpTL%2BLvSpPQjwb6Bjw5vfhOQlNQPCmC0bDzXvCey0HvKuxtqtEM9A42SH4d5pA5nMUa0Gd4CzlhjqMoNuk1bM5%2BWa3WeNtHH5htiEbbEE%2BRulqkM%2FoXxWSyNJBEJdS6kL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990926f6db50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3213&min_rtt=1411&rtt_var=1807&sent=65&recv=31&lost=0&retrans=0&sent_bytes=49342&recv_bytes=10946&delivery_rate=1194243&cwnd=24000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=355&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp

188.114.97.1

200 OK

12 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11664 bytes)
Hash
1c6d201910df8df0eb3fcea8739007bb
52a6c44df68eff2c8c126799e3bece8ff6fa1913
41d821dee96ed747866d48785783bb3c6bbffd4b66415cf873231e38d98fcaa7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/5531a5/d72d18/64c39bf6a1e77/0cd64c39bf6a1e87.webp HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/webp
content-length: 11664
last-modified: Fri, 28 Jul 2023 10:44:06 GMT
etag: "64c39bf6-2d90"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gFQ%2BE29Et6oN4sK0n%2FnOjW6ckFhvzPWW2XKRi%2B6e2A8ALJeSS4bH%2B5VT8O0SGbgD8hdjrYHGcavEGAZ%2FUAZW7THvHNWogCCLRodLpMx%2Brz%2FFiqRaV%2F9A2OODj83u0h6t3Ra"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990925f61b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2771&min_rtt=1411&rtt_var=1435&sent=88&recv=34&lost=0&retrans=0&sent_bytes=75355&recv_bytes=11079&delivery_rate=13175622&cwnd=45600&unsent_bytes=0&cid=b038f72fd1fb388b&ts=360&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg

188.114.97.1

200 OK

52 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
52 kB (52299 bytes)
Hash
eea3f35d627929a8e55ae6d284e7d63f
bd861c976319e7d4d9bbeec131062636396bf135
32dee5a9d35987b7dfa3ce7c9aab3d2edfcb7218de82e272d2ca4929430b90bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/63750d01b51d5/35c63750d01b51f2.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 52299
last-modified: Wed, 16 Nov 2022 16:17:05 GMT
etag: "63750d01-cc4b"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwwfNWAu2gl4gJH4Gmk0Oxb%2FRACIq0edYmK4rcc0BmdN1kAt4lt3M8vRrNckpuerNkPV4yemcpjPES5LirMWcXn0%2FoR%2FGcIWLRqWQhMC8qIkPjYDDoYyMayr4ej2OoMolvtY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927f86b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2657&min_rtt=1411&rtt_var=1304&sent=100&recv=35&lost=0&retrans=0&sent_bytes=89097&recv_bytes=11125&delivery_rate=6800081&cwnd=45600&unsent_bytes=0&cid=b038f72fd1fb388b&ts=379&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
36 kB (35849 bytes)
Hash
a61e07058497be1291ed1540251054c1
46d533bd7665695ba14ae35299f7f1d18577a850
0c28d7ed71b2591ceeb4a98400545100fc53995fa56f4b284057604314634c6c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b72e16a31a/35c636b72e16a32a.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 35849
last-modified: Wed, 09 Nov 2022 09:29:05 GMT
etag: "636b72e1-8c09"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNE3JbR1gHumL%2BZ3CX2wjGZ4QikCdDBERnzl474sKGO%2BZT7S31WsoMRy2uXOOE304mYeLKuw8Mq40zeR1rL8avZyUorCqNHUZclGr8BdvWLlMiEWvqiQt7x0PgTU17Zr%2BxQI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fafb50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2527&min_rtt=1411&rtt_var=1238&sent=147&recv=36&lost=0&retrans=0&sent_bytes=143412&recv_bytes=11170&delivery_rate=7193477&cwnd=91200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=384&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
34 kB (34181 bytes)
Hash
edc0a1fc9de5536352d35075fe9ed449
56329bcb5c6b1ae7a6ee622b4a6b33d08dbcd89a
ce0b1f2feeaa809e4af0686bfb6b0b20e06c9f3718f762d2b38b8bb9ab64e670

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b76293ed6f/35c636b76293ed7e.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 34181
last-modified: Wed, 09 Nov 2022 09:43:05 GMT
etag: "636b7629-8585"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Isc%2B04fUfCf%2FwGxOuX%2FWWl4Equ1ZrSgYfW4cTy3KTn1Rkx7Qmu4x%2FA31%2BC6pkJ02NIimFTQviW2H%2BKtGGHamJMD8awiAABFDFmasECgioXZF%2BDODdQfh53t%2FKZDgsfde8CIs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927faab50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2563&min_rtt=1411&rtt_var=1001&sent=179&recv=37&lost=0&retrans=0&sent_bytes=180874&recv_bytes=11216&delivery_rate=3481431&cwnd=91200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=386&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/637249312b254/35c637249312b266.jpeg

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/637249312b254/35c637249312b266.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
41 kB (41364 bytes)
Hash
0aaf8a2b8612db8da51f4712fe3da102
c78512cfb9b823f700507d20e53389522723e37d
4bbce417dd897ae737f278b206b09119984dc4e04b288664fde5c0971e6ebc41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/637249312b254/35c637249312b266.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 41364
last-modified: Mon, 14 Nov 2022 13:57:05 GMT
etag: "63724931-a194"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAj29kG2uvyVfIt4VU1vD13dTu9phd7g1lM%2BIs2pPBxrQjqEkVHirmG5N2igIpjR14YqexUsT%2BHaIWgdrfECU8ZsN7k3dXv%2FEOzhMNEyLD34KmE4SLL9lOXe%2FaH0C9jumbQW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927f87b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2553&min_rtt=1411&rtt_var=704&sent=236&recv=39&lost=0&retrans=0&sent_bytes=248763&recv_bytes=11308&delivery_rate=20171071&cwnd=91200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=394&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg

188.114.97.1

200 OK

54 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
54 kB (54269 bytes)
Hash
cb023a9718909b62aab3877d49ff438a
d8cda96d27249b680ab9d33c6b0ee01647f0db54
e1e6878ad26b276a567d87b3ca38d103c09a0a624f494dafba0cc061fca17fdb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b83485271c/d0b636b83485272f.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 54269
last-modified: Wed, 09 Nov 2022 10:39:04 GMT
etag: "636b8348-d3fd"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWH7Kxqp9YRfusRsq4nP9RdqLtjeoYdX5v3svQB02L9zCyb4H71Bn7FHXCK0flHkPyDnWaj2djUTARqR91JF3PK49IsYDHh5MdqfOUu0UVg7hutXrWdTxoGaiXTvq8PHZdD7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927f9ab50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2484&min_rtt=1411&rtt_var=666&sent=282&recv=40&lost=0&retrans=0&sent_bytes=303823&recv_bytes=11353&delivery_rate=8551128&cwnd=91200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=400&x=1", cfExtPri, cfHdrFlush;dur=1

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b6d424fff5/35c636b6d4250005.jpeg

188.114.97.1

200 OK

48 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b6d424fff5/35c636b6d4250005.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 374x281, components 3
Size
48 kB (48397 bytes)
Hash
0306319c8822c78a3d976d130f88457a
a10a01bdead3db7b606ca74d5a878997570d9784
bfb33add1e0ae2490861830f47bb46f1674ba2d60e5266769393fec27e13d467

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b6d424fff5/35c636b6d4250005.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 48397
last-modified: Wed, 09 Nov 2022 09:05:06 GMT
etag: "636b6d42-bd0d"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hw22UrhD%2BVRSBbgI10UoQII%2FAl%2Fyf1zq2xpyzgCsjYOdcQwuAhzP%2Fyq7%2FwBkD7Vl26BP6%2Bq9x%2BZDljiSRtNXUw%2FaqXINxp8fhl1OLo%2Fmxn77YVAom89a5J1vFoG1lCuHxQcc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fb0b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2484&min_rtt=1411&rtt_var=666&sent=272&recv=40&lost=0&retrans=0&sent_bytes=291823&recv_bytes=11353&delivery_rate=8551128&cwnd=91200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=400&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg

188.114.97.1

200 OK

50 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
50 kB (50282 bytes)
Hash
e75c3493c1cebcb7e13900b81b85a8a0
fd8f37f7d19cade85448a8f48ca69d5f3375d592
3bd3f444925bb2eca9714d3dbb6347df03910af3c0ec2dfd489eb0a8b9e76c9d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b81a41458a/d0b636b81a41459a.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 50282
last-modified: Wed, 09 Nov 2022 10:32:04 GMT
etag: "636b81a4-c46a"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=583%2F5HCIHYQWVD4%2FSkVE0wtdKzdFqv4bIZaCAG7WTj9ZcDnv86HH%2Bx4TUAF%2FJ7WfUPgU1yAMQpVgTQh2pbDAAH2mpY5DTmTlx2221BR6EGIBZsUBms9Dx2jyGt%2BwUYF%2BA9PY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fa0b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2402&min_rtt=1411&rtt_var=663&sent=362&recv=41&lost=0&retrans=0&sent_bytes=398452&recv_bytes=11399&delivery_rate=7750213&cwnd=109200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=402&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg

188.114.97.1

200 OK

41 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
41 kB (41383 bytes)
Hash
fdc453185fc49a46076a58975d775d34
de1cb1926958c2fb71f90e9ade279813832ee818
943a4746f0a7cc92dd62e4e5e0b6c137bf55744af18f438d3f706249021bc97a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b80efc50c7/d0b636b80efc50da.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 41383
last-modified: Wed, 09 Nov 2022 10:29:03 GMT
etag: "636b80ef-a1a7"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BT91pcfASWWsRsU29LI4prr1iKrFBsf5X3nV4x5ym0iogAgEN6GKR4F2SfPIh4JA3u0GaypQNQkaH8Ab00InBY7QXZllvKpmF%2BqF8JPa%2FvfSi8AfcYG2AoFVgvGRqvj7rSdw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fa3b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2336&min_rtt=1411&rtt_var=628&sent=407&recv=42&lost=0&retrans=0&sent_bytes=450744&recv_bytes=11445&delivery_rate=8029838&cwnd=162000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=407&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp

188.114.97.1

200 OK

30 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 374x281, Scaling: [none]x[none], YUV color, decoders should clamp
Size
30 kB (30410 bytes)
Hash
d4c7fdb2c0791086e522ae6e07d36e9e
54c5f49c465b10125b0f67d850a1c65ada62e0b2
bff6cb3aee9059bbe83a337fab3cbca5256a112d2cb43ca27028cf5065849975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/07811d/eccbc8/65f185ee99fc5/0cd65f185ee99fad.webp HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/webp
content-length: 30410
last-modified: Wed, 13 Mar 2024 10:54:40 GMT
etag: "65f185f0-76ca"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbkKCkftFpeR2ie3CS4Qvd40SMfmQJXwXl7%2BpEo6itKVCthGKvb7SSrWIdSEsKDB4wOs4g5rPoGDPr30FEM8yFDhJH21aXCjJMGGBNjVcuEu8ObRvWVrstzcjy8jX4KTupqX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990926f73b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2336&min_rtt=1411&rtt_var=628&sent=460&recv=42&lost=0&retrans=0&sent_bytes=513963&recv_bytes=11445&delivery_rate=8029838&cwnd=162000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=422&x=1", cfExtPri, cfHdrFlush;dur=5

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg

188.114.97.1

200 OK

64 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
64 kB (64053 bytes)
Hash
dd6c17179d9a5dc32fa4dce0417575c9
6a46633f7fe6d4b4979352ce40a097fcbe1a5f05
32c0f2113456b78dbdd2de5cb4047d0a3e8a99e663482c671cbe6f9b78a39436

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b829994870/d0b636b829994882.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 64053
last-modified: Wed, 09 Nov 2022 10:36:09 GMT
etag: "636b8299-fa35"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRWGIEKWWsx1B9WJA6oUrfUZ7BYWxCNNPujCkD69gLNB%2FqyKbEKVI15ibjyHuo7OmUT9TBZrVtNvT6kE5ZAhcae8SJv9onGHqokG3CQsKuII%2FzpkNSc4612jGn6RSnzsMvi6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927f9db50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2336&min_rtt=1411&rtt_var=628&sent=460&recv=42&lost=0&retrans=0&sent_bytes=513963&recv_bytes=11445&delivery_rate=8029838&cwnd=162000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=417&x=1", cfExtPri, cfHdrFlush;dur=10

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg

188.114.97.1

200 OK

96 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
96 kB (95730 bytes)
Hash
9cf3a47a546fbd6e05a7f7261a869bd9
118659c1183d55e0d5d99055ad6c11e775ffa368
518c9ee67c5d7240953aab4767528df8d52e86b0a414ccf6824774cccf176ea3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b85dc364a3/d0b636b85dc364b4.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 95730
last-modified: Wed, 09 Nov 2022 10:50:04 GMT
etag: "636b85dc-175f2"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8RppPTY8dWNiHVlDtzgF%2BoS8th5b%2BBnSAh7Rlsa9HMjwLHDVVWl3KDS5jJgRpYYSNVmHBntm0RLCtM92z829%2B2Y6fmLZHpvEaHxqUNv0c9SbVTVxw2UaMcHEHHpvDiJXDW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927f8ab50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2517&min_rtt=1411&rtt_var=843&sent=209&recv=38&lost=0&retrans=0&sent_bytes=216613&recv_bytes=11262&delivery_rate=10322928&cwnd=91200&unsent_bytes=0&cid=b038f72fd1fb388b&ts=392&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b7794d355e/d0b636b7794d356f.jpeg

188.114.97.1

200 OK

48 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b7794d355e/d0b636b7794d356f.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
48 kB (47465 bytes)
Hash
474892f32ae78ca73762f4b778e1d627
81869fbef818b224e0dcdfba71ddb4b96ccd4af9
9a2c48214c29315a742ff47b91b1a29870c97c10e1824993d7cb5a82ef2b2c4f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b7794d355e/d0b636b7794d356f.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 47465
last-modified: Wed, 09 Nov 2022 09:49:08 GMT
etag: "636b7794-b969"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6uXLwoutr7WtFBG49PSPYAfJGLW955WDoU8I5UHkiqjx55RmgTsey37g8CCzlzGbwC%2BsSogAGxKWsIlg9yURsh4QNTKICpKWbFRKSewcy6F7LCUVjop%2BtLD7gxU6MIsbQuHx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fa7b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2336&min_rtt=1411&rtt_var=628&sent=460&recv=42&lost=0&retrans=0&sent_bytes=513963&recv_bytes=11445&delivery_rate=8029838&cwnd=162000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=414&x=1", cfExtPri, cfHdrFlush;dur=13

carboxatling.pro/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg

188.114.97.1

200 OK

86 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
86 kB (85521 bytes)
Hash
a570d4ef05b160b52b62dca43f2063b7
f3791c6a6462e78c5b3f8650ff9b4f0af5a3d2a2
d36307787c78da545446c2718062fc46c63539d89566ef0bce140a2ba5d4de19

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636b6b607b07c/d0b636b6b607b08d.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 85521
last-modified: Wed, 09 Nov 2022 08:57:04 GMT
etag: "636b6b60-14e11"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxRV2AidNpJt3EtoivQ1CDiujr0gTqWcDcc7f9v0SqGYK52k57PSBcyf9iwlUY15U%2BkIjXkCEkG6COH8UaC4OtstG9QSyJA39nXzboyc7N7rgeyfNGXDQ1Ee3JJQ7CDY7pOt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fb2b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2336&min_rtt=1411&rtt_var=628&sent=443&recv=42&lost=0&retrans=0&sent_bytes=493856&recv_bytes=11445&delivery_rate=8029838&cwnd=162000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=412&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg

188.114.97.1

200 OK

112 kB

URL GET HTTP/3
carboxatling.pro/.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 500x500, components 3
Size
112 kB (111894 bytes)
Hash
30330bc3c2d0130854437011eb94302d
b089730191e5efa8db30b0b2bf5ddf47783f5853
85acbaf8f03c122e1a6421968dd56ca53ef5868523679ceb6ed66d2c50735cda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /.cdn/lna/3a8241/6512bd/636a794445484/d0b636a794445497.jpeg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/jpeg
content-length: 111894
last-modified: Tue, 08 Nov 2022 15:44:04 GMT
etag: "636a7944-1b516"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GjjecQZj386I4NioGbVTr82pmbN6454%2B2U19qT08SZq8H98sDQm17LSfeHdOHIQZ%2Bekag9x%2Fr33OGs7Dl9KBDHzUjfcjMnYT1%2B8hxXN6U20EwRsYBVZOc%2Fjp5UcsJL8vqVG8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f8990927fb4b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2336&min_rtt=1411&rtt_var=628&sent=460&recv=42&lost=0&retrans=0&sent_bytes=513963&recv_bytes=11445&delivery_rate=8029838&cwnd=162000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=424&x=1", cfExtPri, cfHdrFlush;dur=31

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.99

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
Size
19 kB (18588 bytes)
Hash
115c2d84727b41da5e9b4394887a8c40
44f495a7f32620e51acca2e78f7e0615cb305781
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Dec 2024 04:17:05 GMT
expires: Sun, 21 Dec 2025 04:17:05 GMT
cache-control: public, max-age=31536000
age: 550548
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Dec 2024 11:37:11 GMT
expires: Fri, 26 Dec 2025 11:37:11 GMT
cache-control: public, max-age=31536000
age: 92142
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1249 bytes)
Hash
88cdf7b0350042fff6435b58307331bb
0f8c0955d1b6779fdda0b2b4057f5473122eba71
6c1ab2282509d68080b0cdc16985bd3572854386e3e14d8d4ce5e467a53b4d03

HTTP Headers

GET /css2?family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Dec 2024 13:12:53 GMT
date: Fri, 27 Dec 2024 13:12:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Dec 2024 04:13:02 GMT
expires: Sun, 21 Dec 2025 04:13:02 GMT
cache-control: public, max-age=31536000
age: 550791
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.99

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18436, version 1.0
Size
18 kB (18436 bytes)
Hash
6d5bbe47bbb0003b62d890c94825b7a8
30f546f4ee2e6285462360355942c5898ff0bf1c
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Dec 2024 02:57:19 GMT
expires: Sun, 21 Dec 2025 02:57:19 GMT
cache-control: public, max-age=31536000
age: 555334
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

carboxatling.pro/_showcase/images/templates/rednews/decorator-pattern-red.svg

188.114.97.1

200 OK

5.9 kB

URL GET HTTP/3
carboxatling.pro/_showcase/images/templates/rednews/decorator-pattern-red.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
SVG Scalable Vector Graphics image
Size
5.9 kB (5853 bytes)
Hash
e32356af77941db3f8ca32444bcdc675
b26f17fcdda7b9390f438fe3437ff48212177c41
67413b2fcf93c94066e87e178b10cea2a2177bc3825141d35eff6812341aa0da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/templates/rednews/decorator-pattern-red.svg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/_nuxt/app.CSFLKBUs.css
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"c8-sm8X/N2nuTkPQ4/jQ3/0ghIXfEE"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSBM6aItbXapuoR0%2FElvHQva%2FGjujgujB2kaeG0mRsx148vUx3EDuS8%2FddEaB13FhrGovNINSmMyEwxEZTnWzbGx5WkIUlG8awlOTfSgbgTHekhXK27ErYG3nnMxDamS12uS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f899094daa0b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3829&min_rtt=1411&rtt_var=3635&sent=903&recv=51&lost=0&retrans=1&sent_bytes=1036253&recv_bytes=12583&delivery_rate=6468&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=798&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/

188.114.97.1

200 OK

42 kB

URL User Request GET HTTP/2
carboxatling.pro/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
HTML document, ASCII text, with very long lines (63028)
Size
42 kB (41575 bytes)
Hash
e0fb068843ffc1af76d7b389c5750676
1b2b3f011423447331eb050fe917d72c1e3935c3
0ddb81f509734079f059074552bd9ccfc8361d4e1145720979c8d818920d0d18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 27 Dec 2024 13:12:52 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-expose-headers: *
set-cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; Path=/; Expires=Sat, 27 Dec 2025 13:12:52 GMT
trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; Path=/
visit_uuid=449cbf67-3e59-4466-855d-45102e983222; Path=/
1073626138=1; Path=/; Expires=Sat, 27 Dec 2025 13:12:52 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zYlEQ5boeU5dM4YDPHPnIxPdURXh%2FlBBVValpgNYE3XfG9%2BoczC3viTk6xdZU57ZA36YEuK%2FobuwNc03IO0IMWdZISfYfVDdCqv4X3i7XL1blzXmr6PHs4urm9BNQDfPSl7G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89908f5a900b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6750&min_rtt=558&rtt_var=12074&sent=9&recv=12&lost=0&retrans=1&sent_bytes=3299&recv_bytes=1168&delivery_rate=6170454&cwnd=256&unsent_bytes=0&cid=c43305371aff07f1&ts=280&x=0"
X-Firefox-Spdy: h2

carboxatling.pro/_showcase/images/svg/icons/search.svg

188.114.97.1

200 OK

7.0 kB

URL GET HTTP/3
carboxatling.pro/_showcase/images/svg/icons/search.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
SVG Scalable Vector Graphics image
Size
7.0 kB (7022 bytes)
Hash
7049686d9ce18b77f977755e5ec41834
33d4be4753862920fb8c16fb8704e7a7d4e567d7
e34d0c8ca9705363627a5f8378fb1bff2a801380f2fecdb0c19f66655f82841f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/svg/icons/search.svg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"366-M9S+R1OGKSD7jBb7hwTnp9TlZ9c"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ye1aW09VGNKa%2BEFtlxjFpfu9P506I89yK3R1t9dxdCXjtgKNNhK3GJX04%2Fc0rSh4A04H6AUtGwIfDNBGPIsX0IajARjBVao8jjgNZuTgSam8pJdki6bS5KHZ7rBXr13bAbDH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990925f5fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2657&min_rtt=1411&rtt_var=1304&sent=99&recv=35&lost=0&retrans=0&sent_bytes=88007&recv_bytes=11125&delivery_rate=6800081&cwnd=45600&unsent_bytes=0&cid=b038f72fd1fb388b&ts=375&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/yeSBswzV.js

188.114.97.1

200 OK

493 B

URL GET HTTP/3
carboxatling.pro/_nuxt/yeSBswzV.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
Java source, ASCII text, with very long lines (846)
Size
493 B (493 bytes)
Hash
628eefd5361f612a58a971f76a415999
bd7928b64b6ed4d3245f91bab38fff01d8b4eacd
cee59e5fea7293879ec8cb9ee1f06876d579b085ab44c9a1c706011463464a1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/yeSBswzV.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"34f-vXkotktu1NMkX5G6s4//Adi06s0"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHEEGXV4UH%2B6BkY2rT1gdc%2FSkyAR4uCsmSg%2FEyQuRyJe5EpB1lvsE%2BGC3cwX9GWvVTxc%2FqJ0snf49EoQ667wFeBp25vn7RYS4ym2AVjsmAYtNQXz0B5wqyJ7Je%2BAQBsxRPHy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990996884b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3367&min_rtt=1052&rtt_var=3729&sent=944&recv=82&lost=0&retrans=1&sent_bytes=1058632&recv_bytes=21700&delivery_rate=1222610&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1456&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/CTyyZwgn.js

188.114.97.1

200 OK

91 B

URL GET HTTP/3
carboxatling.pro/_nuxt/CTyyZwgn.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
91 B (91 bytes)
Hash
2b4ede45cd48ec65cd46e358aa608cd2
a6ca8b2e152b26ca932d03aad7307d3c8db177bd
8c12c5b4a796b29b6f64b1d1c32bdfc5de7c408fbf6e5d4172f7c20ff7ea636c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CTyyZwgn.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/47uhC8fP.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"5b-SyBnhCWBeZ/BHyicEhqYrBapJsg"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAb%2BZZFaOlWbRabcHfW%2BfIMu6wjnvYYJHKAjYzudAyS7bdyIWl7wo10yJXj0SG8EAaK66%2FbAi1eJzu4OtoN5C4pSu9l23xaXWlLgyoYnYq%2FN9qsLOQq%2BLT0W5QkeO81YZRDJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990965c9fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3589&min_rtt=1411&rtt_var=3206&sent=908&recv=55&lost=0&retrans=1&sent_bytes=1038182&recv_bytes=13756&delivery_rate=40074&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=904&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/A9yumdvT.js

188.114.97.1

200 OK

685 B

URL GET HTTP/3
carboxatling.pro/_nuxt/A9yumdvT.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (706), with no line terminators
Size
685 B (685 bytes)
Hash
d4d92e6101e73acee0d92d8ecf16adaa
5ae6b99a920907b140d745f460b2124dee17488b
43aae9e30ddbb9349f7baf2778fe23aa3a67db79f3ee3b6c235c85e1974e8280

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/A9yumdvT.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"2ad-Ed7XlMT0fq+XwQvq3sZDnm/qCYc"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5d6USrF0xy53VhdCJtCx8SajSeJG48mI7jquqRvKJjja3fe6pxRkKBUY50iOFqCaHTXcHtYLLGIkrLH2%2BfdfNAbS6RZYXMmUqVa4HreYsv3bLLgqCeMQZN%2F35utC3yKUZrb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990996883b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4433&min_rtt=1180&rtt_var=5011&sent=936&recv=79&lost=0&retrans=1&sent_bytes=1052387&recv_bytes=21564&delivery_rate=9801&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1446&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/entry.BC6_636c.css

188.114.97.1

200 OK

140 B

URL GET HTTP/3
carboxatling.pro/_nuxt/entry.BC6_636c.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
140 B (140 bytes)
Hash
5e517928ec0f4dad9288a03fe5783382
fce639b6c520119d25d173b866847416b72e23e9
3ad55b42bf2ef1b944bff1be7d4b5bf79606060b882df58dd61e951c93952f65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/entry.BC6_636c.css HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:52 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8c-M4FJxkKyMRmtARLRgJKFCgKaN54"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tu%2B7W3yZx6rYuWUM4LVe386x3lXZFfgFJBco9S1vVocT%2FEmlLGd%2F6r%2FMGxxMH%2FYIGbuozZocp70PCiT%2BtiU5OmcOUTdIWdeHLKUm5gjELzuj30e0rSPZifqe4S7nL3XHyMGo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990925f54b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3748&min_rtt=2601&rtt_var=1557&sent=35&recv=29&lost=0&retrans=0&sent_bytes=14688&recv_bytes=10859&delivery_rate=21630&cwnd=12000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=344&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_showcase/images/svg/icons/calendar.svg

188.114.97.1

200 OK

3.0 kB

URL GET HTTP/3
carboxatling.pro/_showcase/images/svg/icons/calendar.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
SVG Scalable Vector Graphics image
Size
3.0 kB (3039 bytes)
Hash
6612c5644ad96add55a77120b2c98e3b
061d7a3df4e1c48a3dad50391c8decea4209d334
3b9f1c2530581caaaf22b17fe6c29b04092d7bbd7eff1d8c2e97fe90039bc10f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/svg/icons/calendar.svg HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
etag: W/"bdf-Dr5CJovDuUS0Dw6XTkrx0wX8aPo"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcSmfZH51rdFTn4NvEpFj5QX28oA%2B3TRlki5QjQ8SYDMBt5rRu6YJ2N0haDClQmzPKqKwW30NaiSwypTvkSZxXSF4zDwIuZd2vgHosGkqgt1b4HsuIhEbzyIGINer1XsDrRJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990926f67b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4454&min_rtt=1411&rtt_var=4560&sent=898&recv=47&lost=0&retrans=1&sent_bytes=1033735&recv_bytes=11675&delivery_rate=2694843&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=568&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/tkqtS-zy.js

188.114.97.1

200 OK

2.6 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/tkqtS-zy.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (2636), with no line terminators
Size
2.6 kB (2585 bytes)
Hash
7a33217e12d82cbadf6857e89b3dd07d
eadcfc0ec3adecc1478eda590b44327ef2dc5f36
0fc5dabd27d35acce9d768272ef7b9368c2ad128395e718682cb3a94675a7d1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/tkqtS-zy.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"a19-DwH7vvfbeiXVFP39UzAi4vinBxg"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTe7KvXMoNYJyhSwn7n5O8PdYVtAHct2Iw57cFAsprRTKE9KW7UD%2BmEmAPe7tucf2v9MNim%2F5WSyyVFClzJfVg9MMxsIA%2BU1HJCbBvpRJ%2F4MJvEKgJxoYs67pzQX8xp8aOeF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990997894b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2893&min_rtt=1052&rtt_var=2909&sent=949&recv=84&lost=0&retrans=1&sent_bytes=1062917&recv_bytes=21790&delivery_rate=1670706&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1462&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/BRNg2fBp.js

188.114.97.1

200 OK

277 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/BRNg2fBp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JavaScript source, ASCII text, with very long lines (35725)
Size
277 kB (277409 bytes)
Hash
40eeea57619bc578c83449774f30766d
649737fe0b7721deb33495bfe0c182ebaf78fa18
a40a9dbd39215b939446886d6f6e9141f4bf3e47cc2c4934180c6cb39290ab1e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BRNg2fBp.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"43ba1-ZJc3/gt3Id6zNJW/4MGC6694+hg"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prFrhRgXBH8KWa9RGG5XzEkfuRSn9hQHX24kSk1fGzlViv%2Fw1%2FdTYAmNbmp9pYmzgFIXiLecESPSnMXtcYIklLwHFzc5tm%2BSc0gLIidWlN08cr%2Fd5iUlgrLs9OyzAPTQKmEt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990925f5cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2873&min_rtt=1411&rtt_var=1606&sent=810&recv=45&lost=0&retrans=0&sent_bytes=928640&recv_bytes=11583&delivery_rate=22725513&cwnd=242400&unsent_bytes=0&cid=b038f72fd1fb388b&ts=478&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/CG1ZRPRh.js

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/CG1ZRPRh.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (17314)
Size
20 kB (19532 bytes)
Hash
1ce79adc49790f6d515b7addc5bc734e
bd980dd044bce75f7088f3532fa02075a887ffb8
35a3ffa6c0ad4543996f6c62f17603816d50e606cb86790ba552a94b0b1cbabe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CG1ZRPRh.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/47uhC8fP.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"4c4c-vZgN0ES8519wiPNTL6AgdaiH/7g"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l22OzasfC38M7EJZBv%2FOPRJsOoLTWdAX4w4kyi%2ByliwldiKwMHqIsCsuRxL7U9T3tdGmvvmVveeWjFk1M0lxM1M2FMfqbjjCyokumWypqckTIA1nEW%2FHU%2BCaK%2BKZwy1fSpui"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990965c97b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3313&min_rtt=1385&rtt_var=2955&sent=909&recv=56&lost=0&retrans=1&sent_bytes=1039068&recv_bytes=13802&delivery_rate=36241&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=993&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/fpPkKohB.js

188.114.97.1

200 OK

73 B

URL GET HTTP/3
carboxatling.pro/_nuxt/fpPkKohB.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
73 B (73 bytes)
Hash
3e77d49e7d7a5f02250ddc02aa85f4ea
43bc5c3ac17ca641aabf559f36fa1ec12a4b28e1
e8a9466a913bc57c318d3134eb9e22301c442b7521aa62abb961ff9dfee3ab53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/fpPkKohB.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/BRNg2fBp.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"49-IzrfatlZa4uf4LSKDNQ6WjS0pxk"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: HIT
age: 0
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpWreb%2BsjKhORUlFe1sfZ8KzblAWdf63db86mELhm6GyIcZKOZWSL8Ch8O7LDtqRdByCCqS%2BGkECh6NG27EI3h7YNBye3rPpog6dBGlWYNT%2BRbmbIz%2BQEWVWzs2aDnmDLYiJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990982ee7b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3224&min_rtt=1180&rtt_var=2644&sent=924&recv=64&lost=0&retrans=1&sent_bytes=1049329&recv_bytes=15902&delivery_rate=252196&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1153&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/CsZ_Y7xb.js

188.114.97.1

200 OK

791 B

URL GET HTTP/3
carboxatling.pro/_nuxt/CsZ_Y7xb.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (794), with no line terminators
Size
791 B (791 bytes)
Hash
8a877396dfdc348d8ffeda78a2d90d9a
33350bc03d7036b4b31c8173d0acbedbf8c2c76b
9b3beefa74105012bef18fa7d872526c7fbcdd13b1a5b8e4686e124909daae87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CsZ_Y7xb.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"317-3ziym0g8VLyXjA4AJcCC1Yhlb10"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xS6SwnjZPdckkDulXHodhCnRuIDCcsiUpmrs%2BQZuSx%2FK2F%2BoNxFI%2B2CsCZUr97Jjy24tfOg%2BmTcWPmVEadu8lJOO4HvdVz4nTNeNFpWyaOce5bT4ndYi74rYhAY9%2Fsktkee5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990996887b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3698&min_rtt=1180&rtt_var=4090&sent=941&recv=81&lost=0&retrans=1&sent_bytes=1056302&recv_bytes=21655&delivery_rate=1961683&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1452&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504&id=42

188.114.97.1

200 OK

541 B

URL POST HTTP/3
carboxatling.pro/.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504&id=42
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (558), with no line terminators
Size
541 B (541 bytes)
Hash
d051f6f803116a9cfe233c95290b4ba7
364384e22e22c3c8bc9c7019ef0e0018d649f80b
746a10bd0d1c459e501ef88f9a6498770feab8b0996d90ee4b3c14a38cbdf1fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /.events/v2/page_view?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504&id=42 HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/?stream_uuid=00000000-0000-0000-0000-000000000000&googleIdTh=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504&id=42
Content-Type: text/plain;charset=UTF-8
Content-Length: 506
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnGNBK2ac0vxtpWEz4FJ%2FZJFLtKval%2BafvT73rJfoKMlxMBpdtsOnzNKmJs0pC4lERilIuOpbWJv%2B2oJF8dW%2FJfM8FwuPDigmRzA%2FukID%2F8BRV0viAF9Nm1XjBbc09SLkkk9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909afa8bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1918&min_rtt=1052&rtt_var=1154&sent=967&recv=93&lost=0&retrans=1&sent_bytes=1078879&recv_bytes=23556&delivery_rate=59378&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1644&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/DbAbcG7r.js

188.114.97.1

200 OK

7.7 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/DbAbcG7r.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (7835), with no line terminators
Size
7.7 kB (7710 bytes)
Hash
bca1418252ed96af04e023c5fd36610e
e82b27a18147ac08b959226a1087eaef1b07c95d
b88b979cc7ce336cde99a4d780eb7135e8f76b9f6a68a4e657adce6a42d11336

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DbAbcG7r.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1e1e-TTyGysCnv5vH212WgldNgUIi6M8"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5s5Sl2sPmUgFtOzBLhqApby%2BoeyZRAwL6Y3Cjkxk9md2%2Fc%2Bdjg0IBAmvCZyiV2vDp8jDGxVawpXjQUTKZL0glOdeFGr3KpMEPXeb30It5E3I0o1wE0TDmaWfL7bh%2BiDhhBf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f899099688fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2893&min_rtt=1052&rtt_var=2909&sent=954&recv=84&lost=0&retrans=1&sent_bytes=1068298&recv_bytes=21790&delivery_rate=1670706&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1464&x=1", cfExtPri, cfHdrFlush;dur=0

subscribe.swgotapush.com/v1/config?page=https://carboxatling.pro&api_key=

188.114.96.1

200 OK

0 B

URL OPTIONS HTTP/2
subscribe.swgotapush.com/v1/config?page=https://carboxatling.pro&api_key=
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectswgotapush.com
Fingerprint03:6B:DD:62:95:71:77:45:4F:D4:90:B2:DB:01:91:E8:6C:CA:9B:DC
ValiditySun, 17 Nov 2024 05:12:00 GMT - Sat, 15 Feb 2025 05:11:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /v1/config?page=https://carboxatling.pro&api_key= HTTP/1.1
Host: subscribe.swgotapush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://carboxatling.pro/
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-length: 0
allow: GET, OPTIONS
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsKcZQczmCTtib%2FhD6NDnaYY3%2BEnHuJDV%2FGfBfirR612Whp9byzCVepBFsJ1pWBPXj5gHcQy1yXrvL9xlqbnpT57SjxgjLgl%2BbxU6a8g%2F4xJqrUxFxK4iHzrrwGSpdVLLxb4EEfva781C50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909bdb91b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6462&min_rtt=465&rtt_var=11731&sent=9&recv=12&lost=0&retrans=1&sent_bytes=3298&recv_bytes=1369&delivery_rate=7476764&cwnd=256&unsent_bytes=0&cid=1065bdbfdaaa0a73&ts=233&x=0"
X-Firefox-Spdy: h2

carboxatling.pro/_nuxt/Dy3GFlJH.js

188.114.97.1

200 OK

6.6 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/Dy3GFlJH.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (6987), with no line terminators
Size
6.6 kB (6618 bytes)
Hash
027ef1443d122706f2df89f26928b325
c45dbb81e51b0d1d5a3a40eceaf3466c56add51a
4be01fb0fdc8b71fc94acded6c2d91b91e92a530d5ef932f99effd81b6e3701a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Dy3GFlJH.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"19da-q4dGgDDWwCVSaJ+rL+M9BiR67Yg"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2HrFLYIEoMXuDu3v8%2BcLCJWDq%2BsetCOQzGKQa1A8BMTjF2PWk%2BxnkRZE4xkzFB67%2FZq9KW1EW6LTF5Bd4pgqJuPgQw3G%2FPP16TcLIVgZsKgNXx%2BOPuIAWVVKu73%2FmMKGIpM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990996888b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2893&min_rtt=1052&rtt_var=2909&sent=951&recv=84&lost=0&retrans=1&sent_bytes=1065039&recv_bytes=21790&delivery_rate=1670706&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1463&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/BK5thrQs.js

188.114.97.1

200 OK

100 B

URL GET HTTP/3
carboxatling.pro/_nuxt/BK5thrQs.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
7a8b2e8213762d89dfee25378f8d89e8
dd0f51c4fb402d0892466ea82963d8bc8243c4c2
6e8f36e9c34f4cafc8c3d6a8d1409a187f168bd4c1ead36fa3c7d86c58471a15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BK5thrQs.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"64-/Fjb8CnH88NNIKGMJ7EMKEnR7fE"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=it4jdr%2FvFMGIDxmrMMiqvF8HyjV439iDSSWp%2Fy6ftcDyqf9DVXCVFGZf9qS2KE%2BaOoX%2BL92LUvYqJtBZJ8KD1utMlfUhZIRrVQ%2BTLtZKWsll56QbXnvzQX6Oue6R%2BZc4yESB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909978a2b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2335&min_rtt=1052&rtt_var=2076&sent=959&recv=87&lost=0&retrans=1&sent_bytes=1073085&recv_bytes=21925&delivery_rate=7216362&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1468&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/app.CSFLKBUs.css

188.114.97.1

200 OK

93 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/app.CSFLKBUs.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type

Size
93 kB (93406 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/app.CSFLKBUs.css HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"16cde-9bgj2qPwDbcm0S7m6Qc3cqxmGNk"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvMULZf1o0UHq2Swf6ZamKG4c%2Bf2pM2fd%2BdT3ldtQm%2Fe%2BZcL0CWMb1qqO%2Fv1iGAsk8tge%2FgHpkJauzaajgz8wHJXaIsnSszBaqUmKqdhLOWbKFjsGehYwxFxqYAd1eNVJTQ3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990925f5ab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2508&min_rtt=1411&rtt_var=814&sent=571&recv=43&lost=0&retrans=0&sent_bytes=644844&recv_bytes=11491&delivery_rate=4142247&cwnd=194100&unsent_bytes=0&cid=b038f72fd1fb388b&ts=447&x=1", cfExtPri, cfHdrFlush;dur=8

carboxatling.pro/_nuxt/fpPkKohB.js

188.114.97.1

200 OK

73 B

URL GET HTTP/3
carboxatling.pro/_nuxt/fpPkKohB.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
73 B (73 bytes)
Hash
3e77d49e7d7a5f02250ddc02aa85f4ea
43bc5c3ac17ca641aabf559f36fa1ec12a4b28e1
e8a9466a913bc57c318d3134eb9e22301c442b7521aa62abb961ff9dfee3ab53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/fpPkKohB.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"49-IzrfatlZa4uf4LSKDNQ6WjS0pxk"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUDa4pwX2Pg3cfL6Lx4ngUmFOutBCx0s59kOjysycMRy2B%2B5sLwCgBGQuEVIGc0lLRWALFjKjvphVzsmK483bEIJULMlTUakyFn2rinuKniOPFcdBFco%2Ff1vezRh6CyqtVZg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990975de5b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3224&min_rtt=1180&rtt_var=2644&sent=922&recv=63&lost=0&retrans=1&sent_bytes=1048425&recv_bytes=15527&delivery_rate=252196&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1132&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/D8AK1za9.js

188.114.97.1

200 OK

103 B

URL GET HTTP/3
carboxatling.pro/_nuxt/D8AK1za9.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
ca70d8e137201b3206aae09bbe6c585a
f56a8fbd56e169ef465b94eefb2c76bfffa99610
ada576ea520b176e4bfb7c3d749f56c22a759cceb56872dd963683ad9f329d3c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/D8AK1za9.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"67-cAdorFJxo/MHFcPzop4bUGkckc4"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PFCJH79AOT7UvVOS25XJfPgOeF3XMZ%2F7cTJBePL3Fs68m7lA8%2BCwHuQtqXsZ4wTa71nBFM3DwA8raIQysSsxAz62fCTBNh1xjact2at3k97gIm2nmkY3B4ncmVPI8gdz9iX2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909978a7b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2036&min_rtt=1052&rtt_var=1687&sent=962&recv=89&lost=0&retrans=1&sent_bytes=1075233&recv_bytes=22015&delivery_rate=1173009&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1475&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/BRBj6No2.js

188.114.97.1

200 OK

255 B

URL GET HTTP/3
carboxatling.pro/_nuxt/BRBj6No2.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
255 B (255 bytes)
Hash
3993172a0c90c050b0c1e7e095f8e1bd
93e87236ec4e8538853eaa5aa0eb0c2e1570d900
0c409b845a690f989d74275cdc799ba60a1303e7a304b2ce06b1da07bf9b565b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BRBj6No2.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/47uhC8fP.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"ff-kaBvyK30m3+YiSUCz0Ff0tM4RIQ"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gv2bHw8ZPr0vGdLtTqEw53qp4la7gGBsEVod2MIPKrIQAFDMAjCq4KIqmC8MUUhsHx6bXaWHwxAwF43YmB52LWyWbCM3oWgkgoj%2FZ4hB9f57i6l2DpYhBRhJ9UAzniRNjfDz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990965c9cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3589&min_rtt=1411&rtt_var=3206&sent=907&recv=55&lost=0&retrans=1&sent_bytes=1037211&recv_bytes=13756&delivery_rate=40074&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=898&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/DJKhqW6V.js

188.114.97.1

200 OK

4.8 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/DJKhqW6V.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4988), with no line terminators
Size
4.8 kB (4803 bytes)
Hash
8036fca7057068edfea0e64781b56398
a8891a36acc92a0c7e9e8c63e940690f482b4173
a6453a3779f95db79a3110005e5cba05bd205ccf57d896d1b9594b849976a138

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DJKhqW6V.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/D1lHC0qF.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"12c3-/CXbkCfoZMonCXEu0pYKp9iT834"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHbwbznvoUWOcKTHNX%2Bbdx4Rbyd4FvlMeiQZjpDXST8AIwPpyUIJxZIANGc1gzPlpNS5eRy3tfEVlwLu%2FpH2E%2B7IHkevQMHC4HGaoLNVm8dcl2s0SiXpEFl3PDlE%2BjY1vqCo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909afa8cb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1973&min_rtt=1052&rtt_var=1390&sent=964&recv=92&lost=0&retrans=1&sent_bytes=1076163&recv_bytes=23510&delivery_rate=41929&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1639&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/BvMnD2Ca.js

188.114.97.1

200 OK

268 B

URL GET HTTP/3
carboxatling.pro/_nuxt/BvMnD2Ca.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
268 B (268 bytes)
Hash
6e579f44e2b7d1013f4bee81a877916a
8f63c26cff9e490f1947cd3726bce14ffdd74bf7
c2cc1706ebc6561b414abeaa80bfe503bc0c3765b9b5de046666385a1ff705a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/BvMnD2Ca.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"10c-JiKBGRyCacGaLivVeJJtnUFL6w8"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YVuujdZwB30OKyAx%2B8YXfgscS4VywjEyFqIA1d94ez3il1shfv54ao%2BkK9YG4xaAyabGSKDxzkosce8EVEB3wNP2d%2F3EhI51xUphJv2uf89uzroxK5A8ww%2FBeXnFdn0XMplK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990975deab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3119&min_rtt=1385&rtt_var=2604&sent=918&recv=60&lost=0&retrans=1&sent_bytes=1045385&recv_bytes=15033&delivery_rate=3537799&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1054&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/builds/meta/d0cdb29d-3d77-4df0-a548-a95005404899.json

188.114.97.1

200 OK

139 B

URL GET HTTP/3
carboxatling.pro/_nuxt/builds/meta/d0cdb29d-3d77-4df0-a548-a95005404899.json
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
6d1beac2b4f1a7cb7347799200ab453b
1e378fb25cd82f16ad1968a46f8c7457ca6bbc36
d5c88fbcd9ffb50bde2663d4d5e999415d89a00006878ae14c05469f07213c33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/builds/meta/d0cdb29d-3d77-4df0-a548-a95005404899.json HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: application/json
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"8b-imR7H7/xYycgZ0e54Btd3I0YCE8"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swZBnmFhKeXaj5QlW2xfGK2AtCyXqN%2BfrCrjpsa9KAfd%2BGyHCazcvqgkNyCMsU9jERlqJmUbQk55rcRrvFL88PTrxK2CXl1EGFFQKU1R7Bxu0u5uUa0u7X0lgOmXLIrU3vut"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f899097be47b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3516&min_rtt=1385&rtt_var=2747&sent=921&recv=62&lost=0&retrans=1&sent_bytes=1047530&recv_bytes=15482&delivery_rate=13318&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1121&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/DKzjMyrj.js

188.114.97.1

200 OK

146 B

URL GET HTTP/3
carboxatling.pro/_nuxt/DKzjMyrj.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
7142bf665e5ceaaf4c92c464f240731a
7c4a927cac432057edd34913e99f0101b30503f8
f913097c9affd4ad0dfba51001122039b4dd3dac404ee66cdeb74fc96eb90023

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DKzjMyrj.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"92-53b/0Ku/L7CcIcd69tOySF0gQ+o"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwDrhglzXdCTJ0qBpLnvpGY%2FQGmVabXlA4TGevgxnVIYqyzGfmA51I7PwYWOBLT0SQKp0bIyk%2FQT5GV1Z%2B3sSGPsF2chXqq5aFMGYHsFogswu8OMVppBnGBizdIYpRWl21Mi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990997896b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2335&min_rtt=1052&rtt_var=2076&sent=958&recv=87&lost=0&retrans=1&sent_bytes=1072151&recv_bytes=21925&delivery_rate=7216362&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1465&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/vnHShMTM.js

188.114.97.1

200 OK

307 B

URL GET HTTP/3
carboxatling.pro/_nuxt/vnHShMTM.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (332), with no line terminators
Size
307 B (307 bytes)
Hash
3c3b6d3a5a5861286e2d7aad0a7c438c
7e8655d8da3bcab721efebf3fe4eee3785639941
227334082ecd0d224d81f209d1c4ae79e954a840fb7a4f23e5d76714248ad37e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/vnHShMTM.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"133-5VMvzvn9SJkSgWL0ts5RVAy2f/U"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2BUZnlRBH1eIGF5zKwd9xIr32DUPzo3uZMJpTWl5bpM9r%2BYEo%2BCkRRoy4ylFTWHkrAZJeClTcHLTbS4xteLSyxbCo51VBGlkU1LYmh443fJ5EuhhFROmXlUd5uhWCmJj%2BOcp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990997897b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3698&min_rtt=1180&rtt_var=4090&sent=943&recv=81&lost=0&retrans=1&sent_bytes=1057589&recv_bytes=21655&delivery_rate=1961683&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1453&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/B2-mJ7ah.js

188.114.97.1

200 OK

104 B

URL GET HTTP/3
carboxatling.pro/_nuxt/B2-mJ7ah.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
4fe36da1afccb1387f76c6b03a36a23c
873165e5f6dfcfff76da894041931134a5bbd76d
4644c804d3e915bd8b6eeceb511fa26a156bd1e86d81ae9963db1ff9fdd73943

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/B2-mJ7ah.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"68-BvRmUaduxVDbCUbDflO97dXD3jc"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sP6yEI8%2By1hLvbk%2FG%2BHKKg0qP4UXdrUPw%2F2K%2FYfaXrEGtuQZcVK3LREJpsdJLVzeC%2FzJJtb73%2BfyVnh7kmZFKns2FqrFesQwCbdjWd342NCwyBFU7BFQGzzFqyI2G99zkIyg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909978a0b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4832&min_rtt=1180&rtt_var=5620&sent=935&recv=78&lost=0&retrans=1&sent_bytes=1051477&recv_bytes=21518&delivery_rate=6587&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1413&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/47uhC8fP.js

188.114.97.1

200 OK

351 B

URL GET HTTP/3
carboxatling.pro/_nuxt/47uhC8fP.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (364), with no line terminators
Size
351 B (351 bytes)
Hash
07d10e71670fcb1fc21131307b5bfb0d
58f123c1421b900ef29d1de5ed94b7c36906bd3b
08095243d165b25ed54d2e3c593ced2108f69ebcb14fe1fdfb8c8e01e2c51891

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/47uhC8fP.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/BRNg2fBp.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"15f-/W4CL4KhaIhqj89gdZj6D0jfOYM"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8sC1Eo%2FcDYyVTEc88QNv8LVAT9maRWA2Dv3eTPWC3QXZoszX6OSPRyJpyl144p3HS7t8uOO7u24q1%2BXDgPxfcogdRtceyJhu91NBhMottucBxuAResb1abTeik9qm9LFQ1F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990956b34b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4092&min_rtt=1411&rtt_var=4145&sent=902&recv=50&lost=0&retrans=1&sent_bytes=1035217&recv_bytes=12537&delivery_rate=918310&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=750&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/DDfGOg_6.js

188.114.97.1

200 OK

452 B

URL GET HTTP/3
carboxatling.pro/_nuxt/DDfGOg_6.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (489), with no line terminators
Size
452 B (452 bytes)
Hash
7be2fbe0cbea481be5c8a229f7b0c621
84e12f628d77160881952b7d112846b9f0de7feb
ed5bde3ac27e475656f1f95fc3835e150fb9f9e2482024f74373c099e88aa3da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/DDfGOg_6.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/CG1ZRPRh.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1c4-tZPuNd4FzZEFKoyQHmlHcFJ7fTU"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StkISKKvWWHh%2FT676Vbt4%2FokJVYjsV6xl4A%2BgaBgvqEST35C81M4tkJCU44D5Q0i7VNtnNS8%2FBIFvs%2BR%2B6EV1fnggMD7lIBVc3qkbq2CKAnwb9zLwemjbm3hD4lc%2B1940Rw1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990986f36b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5252&min_rtt=1180&rtt_var=6373&sent=927&recv=67&lost=0&retrans=1&sent_bytes=1050261&recv_bytes=16370&delivery_rate=1184&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1315&x=1", cfExtPri, cfHdrFlush;dur=0

subscribe.swgotapush.com/v1/config?page=https://carboxatling.pro&api_key=

188.114.96.1

200 OK

429 B

URL GET HTTP/2
subscribe.swgotapush.com/v1/config?page=https://carboxatling.pro&api_key=
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectswgotapush.com
Fingerprint03:6B:DD:62:95:71:77:45:4F:D4:90:B2:DB:01:91:E8:6C:CA:9B:DC
ValiditySun, 17 Nov 2024 05:12:00 GMT - Sat, 15 Feb 2025 05:11:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (464), with no line terminators
Size
429 B (429 bytes)
Hash
1a64df4b564dbe34887aed4312937ac6
cf4698e540a1aaab2033a61197a1c78be6e0664d
6c9606b0c54b95fadb82186c23db16d5f31a565cd9cb967828b0927e6164141e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /v1/config?page=https://carboxatling.pro&api_key= HTTP/1.1
Host: subscribe.swgotapush.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://carboxatling.pro
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8FS3v5ecHm9vubuqRYdjYcT1KyhQ%2BOZ2d1cTvnDVz%2BCyck9va7DYZAE7paSw5Wk%2FwojgMrBWbgwwTUg7TjUlsvSf%2B8utWhYvMb1xR1kh5HZaHTpgrKmHEAmeQKYPuZXMZO5YJNFFei6ZPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f89909d2d9fb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5714&min_rtt=465&rtt_var=10294&sent=11&recv=14&lost=0&retrans=1&sent_bytes=3968&recv_bytes=1492&delivery_rate=7476764&cwnd=257&unsent_bytes=0&cid=1065bdbfdaaa0a73&ts=450&x=0"
X-Firefox-Spdy: h2

carboxatling.pro/_nuxt/Ve_9shmk.js

188.114.97.1

200 OK

7.3 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/Ve_9shmk.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (7702), with no line terminators
Size
7.3 kB (7327 bytes)
Hash
fc5dfacca0a7a636e2db098e08afd917
35396628f56496df4f3cb420236e45dfb50d4af7
4a6855ef8064dedf1fdb40481c0c4c388e581a8e889dd7beeeaf51b41abbaadb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/Ve_9shmk.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"1c9f-2ZDz9mpLOFDc5AG4p7K9cB5fh1s"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MOj%2BuDdxFw%2FczSMRzBvqHjItgXBafiM3%2FZgYB%2FMfUoTeO15PZb4t%2FSCrpXPPUbDivEj5TZSkh7u33rK%2BDkZPvNDKY1uM8QMMvJHRM7cNaPPjlOrYZIgnRhsC%2BmuIOZaLe%2Bo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f899099687fb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4034&min_rtt=1180&rtt_var=4557&sent=938&recv=80&lost=0&retrans=1&sent_bytes=1053662&recv_bytes=21610&delivery_rate=722120&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1451&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/app.BRr80QMN.css

188.114.97.1

200 OK

9.2 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/app.BRr80QMN.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (9192), with no line terminators
Size
9.2 kB (9185 bytes)
Hash
d1a38d8cc494c2318a41fd3cfe09f005
009d40cdc75a49ef46536ba915d55422465b8973
f65b4443a0036f24fca17e528bf9e32a6af13fd1f25a3d790451031325a30e0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/app.BRr80QMN.css HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://carboxatling.pro/
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:52 GMT
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"23e1-S9CRAj2GzUpitXAx/mCKGRu4IA8"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7jYNSHkjTJoF4ONcuAICJw8L%2BmaTpdjcR1i%2FTPSzOdPQLBmqsF2i7ngYMKjDKfZzOyDD3jESeIBmQr6Ju9xbwZ%2Ft2QpZFdTGRJI%2FKm%2FL%2BuHZikqtsUeot4q9lcJ6F4SmOcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990925f58b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3748&min_rtt=2601&rtt_var=1557&sent=32&recv=29&lost=0&retrans=0&sent_bytes=11437&recv_bytes=10859&delivery_rate=21630&cwnd=12000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=343&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_showcase/images/templates/rednews/favicon.png

188.114.97.1

200 OK

408 B

URL GET HTTP/3
carboxatling.pro/_showcase/images/templates/rednews/favicon.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
PNG image data, 59 x 59, 4-bit colormap, non-interlaced
Size
408 B (408 bytes)
Hash
b4fddd4262d09275da6a0819c9595e4c
44adabf5be128e498fde7b3123dff0f44afad4e8
4d9907c300d9cbc19390bc76bb489d42a95bab6c8bf34097b3fc60fb4de1674b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_showcase/images/templates/rednews/favicon.png HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:53 GMT
content-type: image/png
content-length: 408
vary: Accept-Encoding
etag: "198-RK2r9b4SjkmP3nsxI9/w9Er61Og"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0I3zeEaLVYuitlF8MbCxZ7PHyMP0dKOaErMU%2BVHW50UXXCydQaqeehpcx78hhcOb1CtgsKL0pZyxzGJRIEwqJyeoTHZyf2JusL960Bacz5rt2ZeOEa%2BDIaLpSa0EmS2cCBr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990974dd4b50c-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3516&min_rtt=1385&rtt_var=2747&sent=920&recv=62&lost=0&retrans=1&sent_bytes=1046410&recv_bytes=15482&delivery_rate=13318&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1114&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/D1lHC0qF.js

188.114.97.1

200 OK

5.6 kB

URL GET HTTP/3
carboxatling.pro/_nuxt/D1lHC0qF.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (5642), with no line terminators
Size
5.6 kB (5561 bytes)
Hash
cc2cdae7b139037be3e28e9b54cdb629
1c5c450382dc5205ed79c658e39613cbe1ac41b2
62680640d6f9842570c78be3179623a8ec26577168e4dd09b3816ca33b325edf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/D1lHC0qF.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"15b9-pJE7YeESXz+6fBgLnZnVxR1NHb4"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKucnnldOL%2BtIVyBmjOfGHR1Owtratc06D06LHLr4nUWzC%2Bbff86tUnXLhVH92dw417RFRCdojKGU%2FTuiV7AsAB4kTAH60%2FT6usQDjjblbcgQN8H4Z8TSYObfUtdup%2FVtDkv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990996885b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3367&min_rtt=1052&rtt_var=3729&sent=946&recv=82&lost=0&retrans=1&sent_bytes=1059963&recv_bytes=21700&delivery_rate=1222610&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1458&x=1", cfExtPri, cfHdrFlush;dur=0

carboxatling.pro/_nuxt/CNBkLS2w.js

188.114.97.1

200 OK

586 B

URL GET HTTP/3
carboxatling.pro/_nuxt/CNBkLS2w.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://carboxatling.pro/
Certificate
IssuerGoogle Trust Services
Subjectcarboxatling.pro
Fingerprint1D:F6:B9:3E:CB:59:B4:53:AD:61:F1:30:5D:D1:C3:B3:17:C0:40:A5
ValiditySat, 02 Nov 2024 11:01:22 GMT - Fri, 31 Jan 2025 11:01:21 GMT

File type
ASCII text, with very long lines (611), with no line terminators
Size
586 B (586 bytes)
Hash
32049d3ebba927c4ea4bc6956a34944e
2a1fff1459bf6522c5765ae227352a106e52c66c
759ede341f7bb26acb8cef025e92bdda028229ebf3bc87b270713f36d9c9396f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_nuxt/CNBkLS2w.js HTTP/1.1
Host: carboxatling.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://carboxatling.pro/_nuxt/DDfGOg_6.js
DNT: 1
Connection: keep-alive
Cookie: surfer_uuid=ae0310aa-6fe3-4306-bdbb-7d9f1dd3e504; trek_uuid=3dedc837-3666-48f0-9145-4d26190b8e10; visit_uuid=449cbf67-3e59-4466-855d-45102e983222; 1073626138=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 27 Dec 2024 13:12:54 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
access-control-allow-methods: OPTIONS,HEAD,GET
access-control-allow-headers: *
access-control-expose-headers: *
access-control-allow-credentials: true
x-dns-prefetch-control: on
vary: Accept-Encoding
etag: W/"24a-rPG/ACYc/bk/l9qUPVjaOsxHIMs"
last-modified: Thu, 19 Dec 2024 07:20:05 GMT
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2k2B9KUbbB8XJA26OhZS5F76HV2CKlnim%2B25tkQfFo5uhFrPiui%2B3E823ESL1tJyT1AvwXDKQw%2BVw%2FPgBY1K%2FCe3DmMN%2BE8iAW%2BjiN30RNXRu5l4FkQf9Fx8695fKNUg6CT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f8990997892b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2176&min_rtt=1052&rtt_var=1876&sent=960&recv=88&lost=0&retrans=1&sent_bytes=1073995&recv_bytes=21970&delivery_rate=452928&cwnd=303000&unsent_bytes=0&cid=b038f72fd1fb388b&ts=1474&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML