Report - xtube.chat/film.php?https://youareanidiot.cc/=XDFCAV.exe

Report Overview

Visited public
2025-05-03 19:03:41
Tags
URL
xtube.chat/film.php?https://youareanidiot.cc/=XDFCAV.exe
Finishing URL
youareanidiot.cc/
IP / ASN
52.173.151.229
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Title
You are an Idiot! (dot cc)

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
grabify.link	181878	2015-07-05	2015-07-08	2025-05-01	9.6 kB	227 kB	172.67.68.246
youareanidiot.cc	unknown	2020-05-29	2022-01-18	2025-04-16	6.0 kB	395 kB	104.21.95.69
grabify.world	unknown	2019-04-10	2020-03-11	2025-05-01	527 B	235 B	104.21.16.1
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-04-30	980 B	41 kB	104.16.79.73
xtube.chat	unknown	2024-04-05	2021-01-07	2025-05-03	524 B	396 B	52.173.151.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-05-03 19:03:09	medium	Client IP	172.67.68.246	ET INFO Observed IP Tracking Domain (grabify .link in TLS SNI)
2025-05-03 19:03:12	high	Client IP	104.26.8.202	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
2025-05-03 19:03:12	low	Client IP	104.26.8.202	ETPRO INFO HTTP Request to a *.link domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	grabify.link/js/ads.js	ScriptElement	22 B	2023-03-08	2025-05-08
Pretty URL grabify.link/js/ads.js IP 172.67.68.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38 Last Seen2025-05-08 18:34 Times Seen373 Hash f6e2186486eb52f45ccbcd7b58e273e7 a1d561c86b8aa5a5747e6acf5950562a8e1012e9 be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac Loading...

	grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe	Function	37 B	2023-04-11	2025-05-09
Pretty URL grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 03:26 Times Seen263275 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	grabify.link/sandbox%20eval%20code		128 B	2023-05-06	2025-05-09
Pretty URL grabify.link/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-09 03:18 Times Seen24319 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe	ScriptElement	184 B	2025-03-02	2025-05-08
Pretty URL grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 15:59 Last Seen2025-05-08 18:34 Times Seen192 Hash 6cff066ab49fd19e3737aa507fa8325c 6ac9678234ac1915dfdaef33985b949d3ff25b68 3cc47640d9abc57819a012d1a1315711eedfcac206203dafebd46dbd86694772 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-05-09 03:00 Times Seen49389 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe	Function	37 B	2023-04-11	2025-05-09
Pretty URL grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-09 03:26 Times Seen263275 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	youareanidiot.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-05-09
Pretty URL youareanidiot.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.21.95.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 03:15 Times Seen68179 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	youareanidiot.cc/scripts/cleanup.js	ScriptElement	152 B	2023-08-25	2025-05-08
Pretty URL youareanidiot.cc/scripts/cleanup.js IP 104.21.95.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 11:27 Last Seen2025-05-08 04:09 Times Seen40 Hash 38da406b9fba351e6b9f8748d2a9a0dc bdf8569886c8ffb6c019bc00387f57348181fee8 8bc383fac73816e61e0c6a0d827e20a4899c9ab7d0f6b03025a93171b6e70602 Loading...

	grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe	Function	79 B	2023-04-11	2025-05-09
Pretty URL grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-09 01:36 Times Seen112364 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-09
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-09 03:18 Times Seen24110 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2	ScriptElement	174 kB	2025-04-09	2025-05-03
Pretty URL grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2 IP 172.67.68.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 22:10 Last Seen2025-05-03 23:59 Times Seen55 Hash 906af712399481b21e4df58b63cf67b5 164878008036d2896f1ad1b7037457f84ba03236 ccf5ba52460f36d0323bc4470eba9b04987a74383001196b2717e3117b0781b6 Loading...

	grabify.link/js/jquery-2.5.2.min.js	ScriptElement	12 kB	2025-04-09	2025-05-03
Pretty URL grabify.link/js/jquery-2.5.2.min.js IP 172.67.68.246 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 22:10 Last Seen2025-05-03 23:59 Times Seen56 Hash e1860a6ffe29186099ae6f20bc659745 fa60f1bc9579be4635f180670a05aa610ec44b07 d8c2ca02fcc066486105156dddf1aa9eafbb859370f9e994f0ffe42ff81fc528 Loading...

	youareanidiot.cc/scripts/safe.js	ScriptElement	2.1 kB	2024-11-20	2025-05-08
Pretty URL youareanidiot.cc/scripts/safe.js IP 104.21.95.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-20 04:38 Last Seen2025-05-08 04:09 Times Seen19 Hash 6fdb760fb7430f1f69e39eb19047bdfa 5105111bab63b1e7cf6b83c7f6cadf5a73dec297 0bf37a0fd32de739c95f694cae4e377c1ad5ba7dcd5cbb303b618c6c7f79a127 Loading...

	youareanidiot.cc/scripts/math.js	ScriptElement	1.2 kB	2023-12-01	2025-05-08
Pretty URL youareanidiot.cc/scripts/math.js IP 104.21.95.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 17:01 Last Seen2025-05-08 04:09 Times Seen40 Hash 91a6ca262b43459c5ffc7d26dd7ec517 65fc0670eb58bbc3697926813712b0edf4c57778 7a68a5e6ad9128312249540e6fff8a369b953fcf8cd668a64b357e659b37b817 Loading...

	youareanidiot.cc/scripts/you.js	ScriptElement	569 B	2023-12-01	2025-05-08
Pretty URL youareanidiot.cc/scripts/you.js IP 104.21.95.69 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-01 17:01 Last Seen2025-05-08 04:09 Times Seen38 Hash c01d28b90726a4591702f393f81f27a0 6901acf39a593d825c5f8a2203f3682c1302848c 2a2c70a955efe6fbda7ee22ce3682eeac4fb7d4459b1c2cba4105f758a791cfb Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-05-09 03:00 Times Seen49389 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe	Function	79 B	2023-04-11	2025-05-09
Pretty URL grabify.link/film.php?youareanidiot.cc/=XDFCAV.exe IP 0.0.0.0 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-09 01:36 Times Seen112364 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

HTTP Transactions (27)

URL IP Response Size

grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe

172.67.68.246

200 OK

4.5 kB

URL User Request GET
grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (476)
Size
4.5 kB (4513 bytes)
Hash
eedecc1f44cecede04c337d081c92502
27c4746826e26facf10b03133aa17d0db3d2e0c8
4a490203185f9b635ee0d2e4c3b5637d0c48e7e5f669491c8df22c2e71226cf6

Detections

NIDS	Severity	Alert
suricata	high	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
suricata	low	ETPRO INFO HTTP Request to a *.link domain

HTTP Headers

GET /film.php?http://youareanidiot.cc/=XDFCAV.exe HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:13 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
x-ratelimit-limit: 15
x-ratelimit-remaining: 13
set-cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; expires=Sun, 04 May 2025 00:03:13 GMT; Max-Age=18000; path=/; secure
g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D; expires=Sun, 04 May 2025 00:03:13 GMT; Max-Age=18000; path=/; secure; httponly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZ5ql8skiXXT4bcl0rijWdRrG4WmvAqkRaCMDQcEMmxFG%2BEywdPywIs7OScM98BiBwzPENxsImPdPSm3b2v5eehjnWVbMqDjoUu83w3kWVEcEuZGAJnIHwWmM%2FnK4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93a204605ce75693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=559&min_rtt=478&rtt_var=219&sent=10&recv=12&lost=0&retrans=0&sent_bytes=3200&recv_bytes=1292&delivery_rate=7869565&cwnd=254&unsent_bytes=0&cid=65629b236bf8828b&ts=4027&x=0"
X-Firefox-Spdy: h2

grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2

172.67.68.246

200 OK

174 kB

URL GET
grabify.link/js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
174 kB (174371 bytes)
Hash
906af712399481b21e4df58b63cf67b5
164878008036d2896f1ad1b7037457f84ba03236
ccf5ba52460f36d0323bc4470eba9b04987a74383001196b2717e3117b0781b6

HTTP Headers

GET /js/jquery-2.5.1.min.js?id=becdb2801a6652a4af84f6a2d3f8a4f2 HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 03 May 2025 19:03:14 GMT
content-type: application/javascript
last-modified: Tue, 08 Apr 2025 20:27:36 GMT
etag: "2a923-6324a2ee7a8b3-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ar9MRUUYQsTGxigCJ7nWVYLqqhgTMQN2vMyNu6b63uXBKaZQWMFCmQVV1CZWzUBeKXLrCgiheGtVNuyn%2Bd3yROdf6MixE6TRvnyNlbN4zQqQC1Hq%2BDWDy0ZdF2l%2FUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93a204673b6b7123-TLL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16334&min_rtt=14002&rtt_var=5595&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4834&recv_bytes=2516&delivery_rate=6989&cwnd=12000&unsent_bytes=0&cid=b59909b8e6aa6b0b&ts=987&x=1", cfExtPri, cfHdrFlush;dur=0

youareanidiot.cc/

104.21.95.69

200 OK

58 kB

URL User Request GET
youareanidiot.cc/
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (483)
Size
58 kB (58339 bytes)
Hash
53eef5ed8e74c33683f7d64d5bcc080d
08d9117b0c75cdb686d885f5af799035b67ccbca
8fa1d57d85066d27872bd738f0b9b94957446ca3d298ff0f42796feded02920b

HTTP Headers

GET / HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: text/html
cf-ray: 93a2047b3cf9ad9f-AMS
server: cloudflare
content-encoding: br
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
vary: Accept-Encoding
cache-control: public, max-age=90, immutable
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpzlXO%2F62D16AOg6IpacC2vKbIcR9Abcf%2BKUIsiolGkySaVvjhXGz61m%2F3qaOOApzikuNPjvN6KMmCpCcw5RXcdgJOjXm2WnpG1xct6qamMHIcip1kqOI%2BCFGFnodQIarCg9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=19727&min_rtt=19696&rtt_var=3163&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3290&recv_bytes=1254&delivery_rate=219139&cwnd=254&unsent_bytes=0&cid=8a3ce2ec3037267c&ts=82&x=0"
X-Firefox-Spdy: h2

youareanidiot.cc/styles/styles.css

104.21.95.69

200 OK

2.6 kB

URL GET
youareanidiot.cc/styles/styles.css
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
assembler source, ASCII text
Size
2.6 kB (2600 bytes)
Hash
7bf93717301afc704d032d7f603da340
4f9f7aaf79801c97b42c35bc337474faa8ce7ead
ced0aca766e62c85da31e9016aa5bff8a0067871bd882684dd79e748f364ecd7

HTTP Headers

GET /styles/styles.css HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: text/css
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
vary: Accept-Encoding
etag: W/"670ffeac-a28"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
content-encoding: gzip
age: 934081
cf-cache-status: HIT
cf-ray: 93a2047cff8dad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grabify.link/film.php?https://youareanidiot.cc/=XDFCAV.exe

0.0.0.0

0 B

URL User Request GET
grabify.link/film.php?https://youareanidiot.cc/=XDFCAV.exe
IP
0.0.0.0:0
ASN
#0

Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /film.php?https://youareanidiot.cc/=XDFCAV.exe HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

youareanidiot.cc/images/speakerm.avif

104.21.95.69

200 OK

18 kB

URL GET
youareanidiot.cc/images/speakerm.avif
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
ISO Media, AVIF Image
Size
18 kB (17678 bytes)
Hash
dd60392e26001cedd02019702094124c
fbdb51a7ec62a15d2e499728ee9146066b56ab8a
a314d22cc8646933bddf3fff8b799a11aedef79545dc2032cb0531c9f71e86e5

HTTP Headers

GET /images/speakerm.avif HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: image/avif
content-length: 17678
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
etag: "670ffeac-450e"
accept-ranges: bytes
age: 4710
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 93a2047cff90ad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youareanidiot.cc/media/youare.mp3

104.21.95.69

206 Partial Content

98 kB

URL GET
youareanidiot.cc/media/youare.mp3
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, Stereo
Size
98 kB (98304 bytes)
Hash
afb2d67f8c52203f8dc83b8bb7d85947
a247365f65e8f4ee5a1872409645e0f93514d963
e74b116136bf3b6844094f53ca7f89c8c5c61e000e7cc2a19722c99dcdafd5c8

HTTP Headers

GET /media/youare.mp3 HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Sat, 03 May 2025 19:03:17 GMT
content-type: audio/mpeg
content-length: 206997
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
etag: "670ffeac-32895"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
accept-ranges: bytes
age: 950262
content-range: bytes 0-206996/206997
cf-cache-status: HIT
cf-ray: 93a2047d0facad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youareanidiot.cc/favicon.ico

104.21.95.69

200 OK

1.0 kB

URL GET
youareanidiot.cc/favicon.ico
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
MS Windows icon resource - 1 icon, 64x64 with PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced, 32 bits/pixel
Size
1.0 kB (1037 bytes)
Hash
0b6dcf9c1429088c7f079d7cc291bb66
d23f9a17c55011a829c1365bcba999b27c4115f4
4b0358b16230208179720a09d205b99a3e9764e63815b09e9f1716a02fccadcb

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: image/x-icon
content-length: 1037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKGnkWIqaFnhf3Mrjod5Fsj47QIw4SkPg4AOPHrlruvRYvBlQ4PqAsqndk7lDxqFdXw3QMOD2unpCM5UYdvDWMzIP2FCvUdnGLYPy%2FjRAfsKm9427%2BF1u49Wm5a%2B1NCQEbVn"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
etag: "670ffeac-40d"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
accept-ranges: bytes
age: 946165
cf-cache-status: HIT
cf-ray: 93a2047dad482908-AMS
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=26209&min_rtt=24160&rtt_var=13159&sent=23&recv=19&lost=0&retrans=0&sent_bytes=4443&recv_bytes=3285&delivery_rate=13079&cwnd=12000&unsent_bytes=0&cid=13a0fa64d7bdfb96&ts=331&x=16"

youareanidiot.cc/cdn-cgi/rum?

104.21.95.69

204 No Content

0 B

URL POST
youareanidiot.cc/cdn-cgi/rum?
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1310
Origin: https://youareanidiot.cc
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 03 May 2025 19:03:17 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://youareanidiot.cc
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 93a2047dbd4c2908-AMS
x-frame-options: DENY

grabify.world/film.php?https://youareanidiot.cc/=XDFCAV.exe

104.21.16.1

302 Found

0 B

URL User Request GET
grabify.world/film.php?https://youareanidiot.cc/=XDFCAV.exe
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgrabify.world
Fingerprint69:51:F8:61:43:9B:C5:F0:5D:91:30:4F:7C:6F:26:D1:48:15:0D:78
ValidityTue, 18 Mar 2025 23:07:20 GMT - Tue, 17 Jun 2025 00:05:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /film.php?https://youareanidiot.cc/=XDFCAV.exe HTTP/1.1
Host: grabify.world
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 03 May 2025 19:03:09 GMT
location: https://grabify.link/film.php?https://youareanidiot.cc/=XDFCAV.exe
server: cloudflare
cf-ray: 93a2044d1acdfff8-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grabify.link/favicon.ico

172.67.68.246

200 OK

22 kB

URL GET
grabify.link/favicon.ico
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type
MS Windows icon resource - 3 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel
Size
22 kB (22382 bytes)
Hash
2e3ddf160b20974e2bb405b8f6422342
9ec93050ac2b80092dacc65d8b882d7f920e2b16
b00b8cd633d0a635c5840a2ae401724999d670fad974758220521143263b8d21

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 03 May 2025 19:03:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 02 Mar 2023 08:48:42 GMT
etag: W/"576e-5f5e6e55d2ad7"
cf-cache-status: REVALIDATED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6O5USG7OOu7%2FhSv6GJM6L61DZ6W8JZx1tbQ7m%2FlVD0y7zUCQHeCWG9jPqwDK9N%2BFid%2FoJclYsBTSu1wy4JuyH7aiPXfYU62f7qO7gELg%2Fh1zwl%2FSFOcVs%2B6nDcxTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 93a2046f1b4a7123-TLL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16078&min_rtt=13678&rtt_var=3202&sent=69&recv=18&lost=0&retrans=0&sent_bytes=65993&recv_bytes=4522&delivery_rate=16051&cwnd=34800&unsent_bytes=0&cid=b59909b8e6aa6b0b&ts=2480&x=1", cfExtPri, cfHdrFlush;dur=0

youareanidiot.cc/scripts/math.js

104.21.95.69

200 OK

1.2 kB

URL GET
youareanidiot.cc/scripts/math.js
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
ASCII text
Size
1.2 kB (1200 bytes)
Hash
91a6ca262b43459c5ffc7d26dd7ec517
65fc0670eb58bbc3697926813712b0edf4c57778
7a68a5e6ad9128312249540e6fff8a369b953fcf8cd668a64b357e659b37b817

HTTP Headers

GET /scripts/math.js HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
vary: Accept-Encoding
etag: W/"670ffeac-4b0"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
content-encoding: gzip
age: 934081
cf-cache-status: HIT
cf-ray: 93a2047cff9cad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youareanidiot.cc/scripts/you.js

104.21.95.69

200 OK

569 B

URL GET
youareanidiot.cc/scripts/you.js
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
ASCII text
Size
569 B (569 bytes)
Hash
c01d28b90726a4591702f393f81f27a0
6901acf39a593d825c5f8a2203f3682c1302848c
2a2c70a955efe6fbda7ee22ce3682eeac4fb7d4459b1c2cba4105f758a791cfb

HTTP Headers

GET /scripts/you.js HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
vary: Accept-Encoding
etag: "670ffeac-239"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
content-encoding: gzip
age: 871441
cf-cache-status: HIT
cf-ray: 93a2047d0fa0ad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youareanidiot.cc/scripts/safe.js

104.21.95.69

200 OK

2.1 kB

URL GET
youareanidiot.cc/scripts/safe.js
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
Unicode text, UTF-8 text
Size
2.1 kB (2124 bytes)
Hash
6fdb760fb7430f1f69e39eb19047bdfa
5105111bab63b1e7cf6b83c7f6cadf5a73dec297
0bf37a0fd32de739c95f694cae4e377c1ad5ba7dcd5cbb303b618c6c7f79a127

HTTP Headers

GET /scripts/safe.js HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
vary: Accept-Encoding
etag: W/"670ffeac-84c"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
content-encoding: gzip
age: 949970
cf-cache-status: HIT
cf-ray: 93a2047cff98ad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youareanidiot.cc/media/youare.mp3

104.21.95.69

206 Partial Content

188 kB

URL GET
youareanidiot.cc/media/youare.mp3
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, Stereo
Size
188 kB (188380 bytes)
Hash
d939c4cfeb326a14608a4369e4fffb51
41a89482d084ef3d7d15754139936798ccb0acf6
59d26a62d903733577a97347ab07cbfe66413dd5efd82d49638623f716908c7c

HTTP Headers

GET /media/youare.mp3 HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Sat, 03 May 2025 19:03:17 GMT
content-type: audio/mpeg
content-length: 206997
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
etag: "670ffeac-32895"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
accept-ranges: bytes
age: 950262
content-range: bytes 0-206996/206997
cf-cache-status: HIT
cf-ray: 93a2047d0faaad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grabify.link/js/ads.js

172.67.68.246

200 OK

22 B

URL GET
grabify.link/js/ads.js
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type
ASCII text
Size
22 B (22 bytes)
Hash
f6e2186486eb52f45ccbcd7b58e273e7
a1d561c86b8aa5a5747e6acf5950562a8e1012e9
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 03 May 2025 19:03:13 GMT
content-type: application/javascript
content-length: 22
last-modified: Mon, 22 Jan 2024 08:59:40 GMT
etag: "16-60f850cd8071e"
cf-cache-status: HIT
age: 3257
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6mDAevhd7OgVYat8jp5s4rPC0fmCMiKeNePS%2BiGZ54%2FbMnD4TukgyQo%2BDA0Mlb5EbNJ%2Fzm08nkVnVHIO0MSotaye5CT2txwHwGkI8WrKnLk%2FtfA7EeuzqhRhQhrBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 93a204672b657123-TLL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16495&min_rtt=14002&rtt_var=7031&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4089&recv_bytes=2472&delivery_rate=45849&cwnd=12000&unsent_bytes=0&cid=b59909b8e6aa6b0b&ts=116&x=1", cfExtPri, cfHdrFlush;dur=0

grabify.link/js/jquery-2.5.2.min.js

172.67.68.246

200 OK

12 kB

URL GET
grabify.link/js/jquery-2.5.2.min.js
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type
JavaScript source, ASCII text, with very long lines (11936), with no line terminators
Size
12 kB (11936 bytes)
Hash
e1860a6ffe29186099ae6f20bc659745
fa60f1bc9579be4635f180670a05aa610ec44b07
d8c2ca02fcc066486105156dddf1aa9eafbb859370f9e994f0ffe42ff81fc528

HTTP Headers

GET /js/jquery-2.5.2.min.js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 03 May 2025 19:03:15 GMT
content-type: application/javascript
content-length: 4364
last-modified: Tue, 08 Apr 2025 20:27:36 GMT
etag: "2ea0-6324a2ef32243-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LsJEuq1kobr8zGn3LcCzpsUzJyVrUtfCr6knjiGfD%2BXHACsqYrLYOs10zTSPjF7Dh5sTnjpntLPl2zqrmvDMqk2Bvd12GSC7xS8PibnVh6OYYNHhibRgfHrkT2Wmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93a20470fd257123-TLL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16410&min_rtt=13678&rtt_var=3382&sent=64&recv=17&lost=0&retrans=0&sent_bytes=60829&recv_bytes=4477&delivery_rate=32103&cwnd=34800&unsent_bytes=0&cid=b59909b8e6aa6b0b&ts=1946&x=1", cfExtPri, cfHdrFlush;dur=0

grabify.link/api/js

172.67.68.246

200 OK

16 B

URL POST
grabify.link/api/js
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
b36bd517e6bd757dea0fe824a0b11d31
7e86838ac0103a610de5fddb426c2f1ebeb01e42
25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3

HTTP Headers

POST /api/js HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
User-Agents: YnhoZFg1eXRkQ0NwUXhaN3Azak1rZld3VFAwczNidFpiZjgwdnpJQg==
X-CSRF-TOKEN: bxhdX5ytdCCpQxZ7p3jMkfWwTP0s3btZbf80vzIB
Content-Length: 3466
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 03 May 2025 19:03:16 GMT
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 10
x-ratelimit-remaining: 7
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImtyVnpxOEtGMEszU1FaVXVlRUEraUE9PSIsInZhbHVlIjoiTHFUTTVlVGQ2SWloUUdhNmJzbC9hR20veVdKNGVLVVQ0UU9NenJ1Znh0RUswc204Z0JqTTZJb2tjeXBXTGlxYVZGSFdaVmZFTDk4NzYxSFkxSXVwNVZxYVBPaXozdnFqcVFFV3FRQ3hodFFqeFJTbVhqNC8wdnZpZmswYTkzbU4iLCJtYWMiOiJiYmUwZjRiMTI5ZjNmMzc3N2RjNDU4ODc0NTNlMmFkZjNhOTRlNjlhMTY4OGZhNWEyMmFmMmNmMWRjMTU0NjM2IiwidGFnIjoiIn0%3D; expires=Sun, 04 May 2025 00:03:16 GMT; Max-Age=18000; path=/; secure
g_session=eyJpdiI6ImdBZjZKYWJha2xoWTNoSktpT080RVE9PSIsInZhbHVlIjoiSHdXS2tTb2w2QnhkSnhqOEdiZzAzdlZHNjJnV216ekNaT2JlQjFHUFAwMDh3bkYvVXp5cVI0SkZaUVNpSHoremZWRkpOYWZLSk5RVnRqTlZTQUVDR1ltTGRVV0VtQVJKcUo2YmQ1UEdNWC9EY1ZKRWdqQ3NGUG9IU3dLSUQxblMiLCJtYWMiOiIxNWI5Y2ZkOTViNjVmNDkwYzVhYWY5ODU4MzUwMTRjOWY0ODNjMTUxOGE1ODY0MGVmODkxMGJhZmMwZTNkN2ZlIiwidGFnIjoiIn0%3D; expires=Sun, 04 May 2025 00:03:16 GMT; Max-Age=18000; path=/; secure; httponly
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfMHGjLyAyhytdVuEWJuaJbulURbaRI1nSgd0F87FZXnOTT7kw8BbSwPOdQuT6uE7zLG0dYmhsvKYUGSV%2FRdGINGdc0QVI6IdO6B85l8u9jxAnD8VULQ7BWOcBlCcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93a204783c867123-TLL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15603&min_rtt=13678&rtt_var=2633&sent=78&recv=26&lost=0&retrans=0&sent_bytes=72007&recv_bytes=11383&delivery_rate=3835&cwnd=34800&unsent_bytes=0&cid=b59909b8e6aa6b0b&ts=3164&x=1", cfExtPri, cfHdrFlush;dur=0

youareanidiot.cc/images/warning.avif

104.21.95.69

200 OK

17 kB

URL GET
youareanidiot.cc/images/warning.avif
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
ISO Media, AVIF Image
Size
17 kB (16623 bytes)
Hash
5b393c0c819d56e5b5f71e2d018325fe
2924564bc2e52218725b0da0cb42eaee1e9cc9c7
37e3622dec56b44d0124f2c93387f5652526b0ef25dcba54a7359a989d7f25f2

HTTP Headers

GET /images/warning.avif HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: image/avif
content-length: 16623
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
etag: "670ffeac-40ef"
accept-ranges: bytes
age: 4710
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 93a2047cff95ad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintEA:C7:0D:68:3A:45:CB:AD:C5:33:41:B6:DF:F1:60:64:E1:0F:52:6A
ValiditySun, 27 Apr 2025 18:18:02 GMT - Sat, 26 Jul 2025 19:17:55 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://youareanidiot.cc
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 93a2047d18941c16-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe

104.26.8.202

301 Moved Permanently

4.5 kB

URL User Request GET
grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
IP
104.26.8.202:80
ASN
#13335 CLOUDFLARENET

File type

Size
4.5 kB (4513 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	high	ET HUNTING SUSPICIOUS Firesale gTLD EXE DL with no Referer June 13 2016
suricata	low	ETPRO INFO HTTP Request to a *.link domain

HTTP Headers

GET /film.php?http://youareanidiot.cc/=XDFCAV.exe HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 03 May 2025 19:03:12 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 May 2025 20:03:12 GMT
Location: https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8EAeiDiEc5fdqIAeNx%2BOEcXR9Ca3Vi%2Bpf5B2zk%2FrSIamimH7aqR3Ierow3N%2F7rLecUMh6Hy8nVm%2FUF501lyuH4YKAPxTKEidw66MJdAyjmJ447KxdKzcJR6VBTJ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 93a20460095fb4f9-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=491&min_rtt=491&rtt_var=245&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=441&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintEA:C7:0D:68:3A:45:CB:AD:C5:33:41:B6:DF:F1:60:64:E1:0F:52:6A
ValiditySun, 27 Apr 2025 18:18:02 GMT - Sat, 26 Jul 2025 19:17:55 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 93a204674c6556b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

youareanidiot.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.21.95.69

200 OK

1.2 kB

URL GET
youareanidiot.cc/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
JavaScript source, ASCII text, with very long lines (1238)
Size
1.2 kB (1239 bytes)
Hash
9e8f56e8e1806253ba01a95cfc3d392c
a8af90d7482e1e99d03de6bf88fed2315c5dd728
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: application/javascript
expires: Sat, 03 May 2025 19:51:17 GMT
cache-control: public
vary: accept-encoding
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
cf-ray: 93a2047cff96ad9f-AMS
X-Firefox-Spdy: h2

youareanidiot.cc/scripts/cleanup.js

104.21.95.69

200 OK

152 B

URL GET
youareanidiot.cc/scripts/cleanup.js
IP
104.21.95.69:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youareanidiot.cc/
Certificate
IssuerGoogle Trust Services
Subjectyouareanidiot.cc
FingerprintE6:0F:B1:DE:03:40:AA:0E:91:08:C3:FB:2C:DD:6C:5C:9E:82:6C:1E
ValiditySun, 16 Mar 2025 04:35:42 GMT - Sat, 14 Jun 2025 05:31:49 GMT

File type
ASCII text
Size
152 B (152 bytes)
Hash
38da406b9fba351e6b9f8748d2a9a0dc
bdf8569886c8ffb6c019bc00387f57348181fee8
8bc383fac73816e61e0c6a0d827e20a4899c9ab7d0f6b03025a93171b6e70602

HTTP Headers

GET /scripts/cleanup.js HTTP/1.1
Host: youareanidiot.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youareanidiot.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 03 May 2025 19:03:17 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 16 Oct 2024 17:58:04 GMT
vary: Accept-Encoding
etag: W/"670ffeac-98"
cache-control: public, max-age=31536000, no-transform, immutable
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: HIT
age: 2588866
cf-ray: 93a2047cff9dad9f-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xtube.chat/film.php?https://youareanidiot.cc/=XDFCAV.exe

52.173.151.229

302 Found

0 B

URL User Request GET
xtube.chat/film.php?https://youareanidiot.cc/=XDFCAV.exe
IP
52.173.151.229:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert, Inc.
Subjectxtube.chat
Fingerprint6F:E0:16:24:5F:D2:CB:85:1D:E1:ED:ED:F0:9E:FA:B0:12:5C:3F:34
ValidityFri, 10 Jan 2025 00:00:00 GMT - Thu, 10 Jul 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /film.php?https://youareanidiot.cc/=XDFCAV.exe HTTP/1.1
Host: xtube.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sat, 03 May 2025 19:03:09 GMT
Server: Apache
Location: https://grabify.world/film.php?https://youareanidiot.cc/=XDFCAV.exe
Status: 301 Moved Permanently
cf-cache-status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 56137e603e72eeba

grabify.link/cdn-cgi/rum?

172.67.68.246

204 No Content

0 B

URL POST
grabify.link/cdn-cgi/rum?
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1369
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJJNVByT2tUck5UNXVmZjlzYnJGQlE9PSIsInZhbHVlIjoibDZvaitSYnA3a0hxZkpXR21mUWVjMWdpaXZJdmVPYjYvZEp0cXNIZ1ZzbjI3cGhLcFk3bEZ6Wk5nblAwMlJvdzFTY2NXdnRMOWthRitpSXlJV0YweTZlcG5rOTFacUMwWnl4bVkzK1NoVXl4WTlPdGxyV01pWFdFSkxzV1JlUXEiLCJtYWMiOiIwMGYxODJhYTBjMzM4NmRkYThlZjIxNTFhZmRkZmJiMmFiZTA1ZTMzYWM3NjgyZmNlOTVjNjYxODk3MDk3NDkxIiwidGFnIjoiIn0%3D; g_session=eyJpdiI6Im5JN1Fmb1BKT0p0VFUyemFVQzJyL2c9PSIsInZhbHVlIjoicjMrMG14eWN0bUdQMVgxY1l6dGJnWEtvWTNyMGFYbXR3Vk5sNFB3YmIzdTlUejdQSUw0VjFNekFNanhnNERuUy9GNDZpQ25QdVc4cCtvQmh3M2NvSnVXWDdZcmlIeHhDL2dKaGNXaERlNW5VVjNJVUxQaDhyK0xvV2lDQXAvOG8iLCJtYWMiOiI3OTg1ZjkxNTVmYTFjNTdkNjkwZTgyNWNlODMzYmM1ZTkxYWMxZWY3YWQ5MGNiYTBkNTBhNWI3ZTY5OGZhMGY4IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 03 May 2025 19:03:16 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 93a20476eaf77123-TLL
x-frame-options: DENY
x-content-type-options: nosniff

grabify.link/cdn-cgi/rum?

172.67.68.246

204 No Content

0 B

URL POST
grabify.link/cdn-cgi/rum?
IP
172.67.68.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grabify.link/film.php?http://youareanidiot.cc/=XDFCAV.exe
Certificate
IssuerGoogle Trust Services
Subjectgrabify.link
Fingerprint2C:0D:7D:6A:3E:34:22:B5:45:3F:28:75:49:6E:04:19:27:A1:B2:52
ValiditySun, 27 Apr 2025 04:16:22 GMT - Sat, 26 Jul 2025 05:16:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: grabify.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 827
Origin: https://grabify.link
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImtyVnpxOEtGMEszU1FaVXVlRUEraUE9PSIsInZhbHVlIjoiTHFUTTVlVGQ2SWloUUdhNmJzbC9hR20veVdKNGVLVVQ0UU9NenJ1Znh0RUswc204Z0JqTTZJb2tjeXBXTGlxYVZGSFdaVmZFTDk4NzYxSFkxSXVwNVZxYVBPaXozdnFqcVFFV3FRQ3hodFFqeFJTbVhqNC8wdnZpZmswYTkzbU4iLCJtYWMiOiJiYmUwZjRiMTI5ZjNmMzc3N2RjNDU4ODc0NTNlMmFkZjNhOTRlNjlhMTY4OGZhNWEyMmFmMmNmMWRjMTU0NjM2IiwidGFnIjoiIn0%3D; g_session=eyJpdiI6ImdBZjZKYWJha2xoWTNoSktpT080RVE9PSIsInZhbHVlIjoiSHdXS2tTb2w2QnhkSnhqOEdiZzAzdlZHNjJnV216ekNaT2JlQjFHUFAwMDh3bkYvVXp5cVI0SkZaUVNpSHoremZWRkpOYWZLSk5RVnRqTlZTQUVDR1ltTGRVV0VtQVJKcUo2YmQ1UEdNWC9EY1ZKRWdqQ3NGUG9IU3dLSUQxblMiLCJtYWMiOiIxNWI5Y2ZkOTViNjVmNDkwYzVhYWY5ODU4MzUwMTRjOWY0ODNjMTUxOGE1ODY0MGVmODkxMGJhZmMwZTNkN2ZlIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/3 204 No Content
date: Sat, 03 May 2025 19:03:17 GMT
access-control-allow-origin: https://grabify.link
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 93a2047c08cf7123-TLL
x-frame-options: DENY
x-content-type-options: nosniff

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML