Report - 2un1que.xyz/

Report Overview

Visited public
2023-11-28 13:19:09
Tags
URL
2un1que.xyz/
Finishing URL
2un1que.xyz/
IP / ASN
104.21.76.232
#13335 CLOUDFLARENET
Title
Tesla X

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
2un1que.xyz	unknown	2023-07-25	2023-08-03 18:18:49	2023-11-14 03:51:32	15 kB	3.9 MB	172.67.202.18
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-11-28 08:26:21	1.2 kB	1.0 MB	104.16.124.175
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-28 07:52:06	938 B	86 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-28 05:09:25	469 B	1.6 kB	104.17.24.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-28 05:09:10	462 B	54 kB	151.101.1.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed
2023-11-28	medium	2un1que.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	2un1que.xyz/	ScriptElement	408 B	2023-03-12	2024-08-21
Pretty URL 2un1que.xyz/ IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:42 Last Seen2024-08-21 07:26 Times Seen73 Hash cd149e3f43fbc84b774925a2c658ebe9 9d45e4c90a5b8812ca86d666017f497ee3f8f804 b019fee1722c3697e4f6fb763cc8751d0db8adbc617f8d79dc5952dde4d7435f Loading...

	2un1que.xyz/	ScriptElement	611 B	2023-10-19	2024-08-21
Pretty URL 2un1que.xyz/ IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-10-19 07:58 Last Seen2024-08-21 04:08 Times Seen17 Hash 8332e0675bf8b74122cc7f9467781f21 1270a5dcdd0fa6b328247fb776c2543e9fb4af16 247fece8d064e43b508221c56f495e770d02085d00b56a088feaeffb4eaba5cd Loading...

	2un1que.xyz/	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL 2un1que.xyz/ IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:35 Last Seen2024-08-20 17:35 Times Seen1 Hash bd581cbae7c56910e317a609c251d4f1 ff1e7001400c286b159e1805fe094c579ad50422 4cfca6ed82a4605e593a33754ef900ccb76b7580c8bc9c9bcfd1a83ab176229c Loading...

	2un1que.xyz/geo.js	ScriptElement	418 B	2023-11-27	2023-12-07
Pretty URL 2un1que.xyz/geo.js IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-27 23:53 Last Seen2023-12-07 22:08 Times Seen29 Hash b6c8c214ffd24d4cc9f0442b813c767f 8c01ddfb1bad01b0e8a24f68a0e071a1c719f12a 08d5e0e1ff78c5d92a2b3f58e519ebf149fe4eb1d5de74c427538f98b759dd65 Loading...

	2un1que.xyz/js/psl.min.js	ScriptElement	128 kB	2023-03-07	2024-12-08
Pretty URL 2un1que.xyz/js/psl.min.js IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:55 Last Seen2024-12-08 09:09 Times Seen33 Hash a4d87fd2000b23f203bdea9a705cc40c f7912d3397db9bcb5c3b36acaaaed1f024318fcb a8796612f4cc8ea76489e6fcafeff6a48050b5e83ea83039daf0e311a6c6e3ec Loading...

	unknown	ScriptElement	247 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:35 Last Seen2024-08-20 17:35 Times Seen1 Hash 49a4f35a89efefd824574cd050ef3e5b 05244b76f22b9f83f34904dad757f36d1c8ef33d f1374e8a04eb625556d1e29cb1a7ce9e0df0922448474ad1b842ee670b58deed Loading...

	2un1que.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	7.3 kB	2023-11-28	2023-11-28
Pretty URL 2un1que.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 14:19 Last Seen2023-11-28 14:19 Times Seen1 Hash 864aa28a1f8531512f8a5b3c32befe80 fd560c7223c6fbc10292f067b8a989854f08c07c 672faf5460a6df8a576f636aa274639c7ab2cb6dffbefc4eddff6b165c0d2ae2 Loading...

	unknown	ScriptElement	571 B	2023-11-28	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 14:19 Last Seen2024-08-20 17:35 Times Seen3 Hash 5328b52dccdc24bdb1ab2acdfcaf567b 14f1aad61b3151511abc4f039299156cbf4dc1fe 2ffcc9f9ddb09f789eb252b53c709d70063fee3afef3ce963cdd68ad32dad1b7 Loading...

	unpkg.com/vue@2	ScriptElement	434 kB	2023-10-24	2024-08-21
Pretty URL unpkg.com/vue@2 IP 104.16.124.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 08:52 Last Seen2024-08-21 03:38 Times Seen104 Hash 4bc3b2e9a48d45baf37d7a9f25613866 0b91500553414f2a5193033624a2eeed8f3e7ffb 7839e05340b0af281eca6dd53d7a7ac0cd3205b9d2f12b180ee45b89567ebef4 Loading...

	2un1que.xyz/regform/reg-form.min.js	ScriptElement	622 kB	2023-11-24	2024-08-20
Pretty URL 2un1que.xyz/regform/reg-form.min.js IP 172.67.202.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-24 05:11 Last Seen2024-08-20 18:05 Times Seen7 Hash 7672165b87e342c9b98c78ee1f0a09b2 2a086f318602e2abb32f36ee2b62cc85697515cd 66e9f35cbca4aea4a6b8dde4c9e4a4f94cc19f31adfa4782d278864bf2423ff3 Loading...

HTTP Transactions (39)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/modern-normalize/1.1.0/modern-normalize.min.css

104.17.24.14

200 OK

591 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/modern-normalize/1.1.0/modern-normalize.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1402), with no line terminators
Size
591 B (591 bytes)
Hash
27778638e54c95918c7696ef88661ddf
8952eeeefa592870da2c1dc352c34fc6c5bbcafd
4af061be8a46b0a8a8e8c5a67d57facfda8eab9812d6428a9eacf01ee59836da

HTTP Headers

GET /ajax/libs/modern-normalize/1.1.0/modern-normalize.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2un1que.xyz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 13:18:51 GMT
content-type: text/css; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60c32d4d-24f"
last-modified: Fri, 11 Jun 2021 09:30:53 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 458947
expires: Sun, 17 Nov 2024 13:18:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8xKyz%2Fn5l9%2FUD%2BOvHAiP8a7qntWps5lCghMzJThLEI6V%2FIt5fASmgThhOwYkQ%2FBg6H0%2FU9Ewd%2FucW0jH%2FWcurqI4kcML%2BZayr10OlvD2vBdNfbftNvLVXRkWCiDwqzYNutjKZoA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d2e635ce7bb523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css

151.101.1.229

200 OK

53 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@mdi/font@6.x/css/materialdesignicons.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://2un1que.xyz/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
53 kB (52730 bytes)
Hash
dc663f2307f9ab02cf06ab357efa7845
d43eb079acc592caee325ab01694641459c82853
29e461b3a66dfb905a602e4c0ea68a1e541100deee2cb8f385f15607f162f914

HTTP Headers

GET /npm/@mdi/font@6.x/css/materialdesignicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.9.96
x-jsd-version-type: version
etag: W/"4f282-1D6weazFksruMlqwFpRkFFnIKFM"
content-encoding: br
accept-ranges: bytes
date: Tue, 28 Nov 2023 13:18:51 GMT
age: 3023
x-served-by: cache-fra-etou8220087-FRA, cache-bma1637-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 52730
X-Firefox-Spdy: h2

2un1que.xyz/images/romania.webp

172.67.202.18

200 OK

400 B

URL GET HTTP/3
2un1que.xyz/images/romania.webp
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
400 B (400 bytes)
Hash
8e25d63c4df3dde833069df2b69dcd1d
e79b38e7d1c0ffffc300b1db45b80855d92bfe51
cb8aaaf385cc39887832cd2294c655cbeb75bb624e787903df8cb05d11321e31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/romania.webp HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/webp
content-length: 400
etag: "8e25d63c4df3dde833069df2b69dcd1d"
last-modified: Sun, 20 Aug 2023 08:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAiEV0ufHNMQr6eMCyVyXCwurt47lpF3tBPeTsWqCQerDX9NMwer3oeJ7voG7v0wHMD7udtl8QOMP9I6i7nlNEXxfddo4R6uzfmsVOlWz4mKWBh%2BUuv2w9ppNr40Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e635aae156c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/india.webp

172.67.202.18

200 OK

716 B

URL GET HTTP/3
2un1que.xyz/images/india.webp
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
716 B (716 bytes)
Hash
faabef75210aa9ce85cc37283c6ae949
89111d51234164467eaf6f8a0a1abb94bcbda924
f6157311766f7bf14c9fd94eeee62a9c139d451646759f8753978c0e1bfeab5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/india.webp HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/webp
content-length: 716
etag: "faabef75210aa9ce85cc37283c6ae949"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYTZDDCD1tVPuqdctK9ipIIZxAb5UKgG5zObl2s12Le5vlJtK%2FC%2FOZ6%2FE0%2BeiRic3ENDR8gCkv7ko6v0NROpgz%2B44kPWWXpyM1mDkdqPWuRxoIFpmmP4R177%2FEPrJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e6359ade56c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/ukraine.webp

172.67.202.18

200 OK

364 B

URL GET HTTP/3
2un1que.xyz/images/ukraine.webp
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
364 B (364 bytes)
Hash
23aa722cc9f33aa69c73b7e791afaa92
3f4c568908a123d542644205e713ccba720f5f4d
834b7718a375061cfea3a0433edc1a1d7b7c94c834a2ab20d592c6e86af4f02c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/ukraine.webp HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/webp
content-length: 364
etag: "23aa722cc9f33aa69c73b7e791afaa92"
last-modified: Sun, 20 Aug 2023 08:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBsmqH7mUT1FfWFxOwqwWZbnih6x1%2BzW4%2B1ESccDZNi0JY8jNatchl%2Fdb3m4VxKkX7th6l9p9x7eaEO9bOnaeLsIWOCUIQlTYuKuQHy6EF7W9AB6PMkPE2Z5NNlFOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e6359ae056c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/header-bcg.webp

172.67.202.18

200 OK

64 kB

URL GET HTTP/3
2un1que.xyz/images/header-bcg.webp
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
64 kB (64526 bytes)
Hash
6c9fd6927039b933756c07d30d50ac25
46e858832a95e00d68a560895f4ce22f03373550
f87bb3ad08949f76a3f3d3af4bde48c140d0d3c4f3e73db4a24e514cde79eee6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/header-bcg.webp HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/webp
content-length: 64526
etag: "6c9fd6927039b933756c07d30d50ac25"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtrX1g7y2BfttD9V8huJgiXr3qTaD8HOdUY3D7b8BgiubMzrSVJf%2BAKagTwM06tAcO%2FZQZKo9CKwp8I5%2FeJTzY8HFH7xw3jnWGUvl%2BLEOy7vK%2F0ZatXyC6yRlhu7Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e639d8b456c3-OSL
alt-svc: h3=":443"; ma=86400

unpkg.com/vue@2.7.15/dist/vue.js

104.16.124.175

200 OK

138 kB

URL GET HTTP/2
unpkg.com/vue@2.7.15/dist/vue.js
IP
104.16.124.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
138 kB (138151 bytes)
Hash
4bc3b2e9a48d45baf37d7a9f25613866
0b91500553414f2a5193033624a2eeed8f3e7ffb
7839e05340b0af281eca6dd53d7a7ac0cd3205b9d2f12b180ee45b89567ebef4

HTTP Headers

GET /vue@2.7.15/dist/vue.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2un1que.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"69f9b-C5FQBVNBTypRkwM2JKLu7Y8+f/s"
via: 1.1 fly.io
fly-request-id: 01HG9ZEBRNR684GQAF4TRVQ4RR-arn
cf-cache-status: HIT
age: 35516
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d2e6374d860b06-OSL
content-encoding: br
X-Firefox-Spdy: h2

2un1que.xyz/fonts/Gotham-Medium.woff2

172.67.202.18

200 OK

32 kB

URL GET HTTP/3
2un1que.xyz/fonts/Gotham-Medium.woff2
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32312, version 1.0\012- data
Size
32 kB (32312 bytes)
Hash
dbd93dcd9f0aa3e74ccc7e698b653afa
b20c14d97f84aefbd9441ad4c58ecd120c9e3eb4
3aab0e44901361c2b9b1933542202e803e1a56cca8a6177d52d1ce889c856a06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/Gotham-Medium.woff2 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: font/woff2
content-length: 32312
etag: "dbd93dcd9f0aa3e74ccc7e698b653afa"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpRJZLDGYoLPvE9ygNFCwXxb5%2Ffbqgp9axpYXpTc%2FaBir0C%2FCfOTK2Cno5mpmih4H%2BBQ2lha276CsNejNWaSaeoBYiX9AGUL9HDipDjpBORMID6L9lJB68JAL8EP7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63a498156c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7W0Q5n-wU.woff2

172.67.202.18

200 OK

57 kB

URL GET HTTP/3
2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7W0Q5n-wU.woff2
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 57244, version 1.0\012- data
Size
57 kB (57244 bytes)
Hash
2c1fc211bf5cca7ae7e7396dc9e4c824
d0f1d6cce8e6ae12b7a74342094686f23e9ef846
eaeb14a925874adf149217dd904bb7eeadc1eb62087fe3c839227ca0cf06adc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7W0Q5n-wU.woff2 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/css2.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: font/woff2
content-length: 57244
etag: "2c1fc211bf5cca7ae7e7396dc9e4c824"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oviV1AmTU%2BcPatdayMCjIMAkOXruryZ5bS3DDCBo1FUsbBxVUodIMSUjasGuASBCom5UrSeRnnXlnskR2aD11yTH2AsQzHGmUk6zcXWtoW5RWg%2BvGBHdo2GRO37Kmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63a69b656c3-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

142.250.74.106

200 OK

72 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://2un1que.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
72 kB (71517 bytes)
Hash
55b4f3a6c262787331b1080e4ddb68d0
1067cf226b20b31d845fb4805056c9e5245e433e
c8799a69e96360f6446a91fe408d5601eae558588b90ce95b2aa48ae6654f9a2

HTTP Headers

GET /css2?family=Inter:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 13:18:52 GMT
date: Tue, 28 Nov 2023 13:18:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7W0Q5n-wU.woff2

172.67.202.18

200 OK

57 kB

URL GET HTTP/3
2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7W0Q5n-wU.woff2
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 57244, version 1.0\012- data
Size
57 kB (57244 bytes)
Hash
2c1fc211bf5cca7ae7e7396dc9e4c824
d0f1d6cce8e6ae12b7a74342094686f23e9ef846
eaeb14a925874adf149217dd904bb7eeadc1eb62087fe3c839227ca0cf06adc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7W0Q5n-wU.woff2 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/css2.css
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: font/woff2
content-length: 57244
etag: "2c1fc211bf5cca7ae7e7396dc9e4c824"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVQjvLp6ruPrtsWuFMwarKcmLuXm03gWHUPwq7qNx%2BBMfrYIuJfeCXKtyx6w3JWe0fSt814ap%2BafZLeD7XjdsnQCDQVUec%2FR6HuKQ0SqAelH6%2FNq1KLmd0ngZNqPFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63c4c1056c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/css/style.min.css

172.67.202.18

200 OK

61 kB

URL GET HTTP/3
2un1que.xyz/css/style.min.css
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
assembler source, Unicode text, UTF-8 (with BOM) text
Size
61 kB (61074 bytes)
Hash
9b460a69e7f6f1c71a8e248667b98d75
2b86c73ab4751a3868e1c7a9a41de57e723d7a29
7401ce8eab859d528e2f434683b2a92e8012f93052816ee5fd535b8844e52ae7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.min.css HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: text/css; charset=utf-8
etag: W/"9b460a69e7f6f1c71a8e248667b98d75"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V3FaXpmj74zer5RNPU%2Ffr%2FS65AlTlNFhInD6whA4qklGndhmpYp6Kh7ha0oiYmfOusiYp07CQw3%2BxqrtJyhLs40cfx3I3%2B%2BaVab8gyBOIvoPBDShMUdxk4OIBk3qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e6358ad156c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

172.67.202.18

200 OK

38 kB

URL GET HTTP/3
2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37780, version 1.0\012- data
Size
38 kB (37780 bytes)
Hash
e1b9f0ecaaebb12c93064cd3c406f82b
f0e872352fc5af11960d0eb4fd6ed09e9e98f4ab
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/css2.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: font/woff2
content-length: 37780
etag: "e1b9f0ecaaebb12c93064cd3c406f82b"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX2U3iZQzp0ybKJ35tPB5KFuLT17fPzkM2oh9ismvjKRshKiJF46YcADGuyCxyueImOGVuEgXdQi34ZmR916GPeN0bzQ7i5zvakXyjEgb6Dn%2BaR5sSMwyMj2VfctZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63a69b356c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/phone-bcg.webp

172.67.202.18

200 OK

146 kB

URL GET HTTP/3
2un1que.xyz/images/phone-bcg.webp
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
146 kB (145500 bytes)
Hash
297c90759accc28b175d50c122a65aa9
a466a2b9b9c1235b91e1c8d39ff250488b61d404
204de636267e938ccf3ca022793e7a037a797e3abb8f29090f9a4702f9841b1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/phone-bcg.webp HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: image/webp
content-length: 145500
etag: "297c90759accc28b175d50c122a65aa9"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ol9p%2F7vDGBPBxyAKLPjOuxqSLYrHZBosJLIQ2ug9RAs9wUGpjYK8Wu1y%2By7lrx4rh6O9F4hUyH4fwM8oZcrLuSqTkf%2F4HkQEX8eVgANC66IstyclBDtTLqFNLgPdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e639e8c956c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

172.67.202.18

200 OK

38 kB

URL GET HTTP/3
2un1que.xyz/fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 37780, version 1.0\012- data
Size
38 kB (37780 bytes)
Hash
e1b9f0ecaaebb12c93064cd3c406f82b
f0e872352fc5af11960d0eb4fd6ed09e9e98f4ab
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/css2.css
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: font/woff2
content-length: 37780
etag: "e1b9f0ecaaebb12c93064cd3c406f82b"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pr%2Foyd3SYf6La6DUwjvuSqXl3BYnKecPgtS4g2RIi%2F8M3fcN3gv%2BlmJjLeCrvn5QMXmWn0r%2BkOXoa%2F8ngjbvx%2FBpTwTbwYhKUOMawT%2FdKcpB9KNsOgPCAxgmiY8jPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63c4c0e56c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/pixel.js

172.67.202.18

200 OK

571 B

URL GET HTTP/3
2un1que.xyz/pixel.js
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
exported SGML document, ASCII text, with very long lines (585), with no line terminators
Size
571 B (571 bytes)
Hash
a173d8b1eb5a1f6c732335fc98b849d0
f0315264f2fb8579d79ae7f64bb417651968803d
ec6ad7b830886a961a16b7c5b54e784e2f6e69167a3eacfddb5e0c936130c9f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel.js HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: text/plain; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYj6YmcdZPpOXq4nAe5MNqDTk5Fi166I9KPrWPc3IVJPgwyfcQR6794wDO6Gr8Tk3Oz5kABuuTwnJjQDvk7ahuNiNw405yNlnXhVkVSfbdmFyWifFW11qYWIj%2BK2yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e6390f5556c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/action-bcg.webp

172.67.202.18

200 OK

55 kB

URL GET HTTP/3
2un1que.xyz/images/action-bcg.webp
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
55 kB (55436 bytes)
Hash
0535f11aa8188a20a69589b202662efc
b5f4f1801ff5dc8983419914a0a2791c29a5d616
b19794e39e32323d4e8863ee6b776d36da648bfeb44a29b93c4eb7291b586b4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/action-bcg.webp HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: image/webp
content-length: 55436
etag: "0535f11aa8188a20a69589b202662efc"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCN09%2Fe1qC5W0vErJMlWsYwXgGy%2Fw%2BCXvWhaEavK8ODODa%2F1XfJjZ4%2BElxAzxHH4YhvLRSOOBC07xSFhzcWFmFz9%2F8dcylchR49Aqkr7TQCvxbe6JDmCgujO%2FMNblQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e639e8d056c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/

172.67.202.18

200 OK

231 kB

URL User Request GET HTTP/2
2un1que.xyz/
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type

Size
231 kB (230739 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 13:18:51 GMT
content-type: text/html; charset=utf-8
last-modified: Sun, 20 Aug 2023 08:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxPiuEGS9Ype4LugvQRv0bz22qICL3%2FfQpwwzmFjqEIbRkhOy4FiCEnxDUd2yZN7dyqRlb4%2F4j0ll11aRuZFmn%2Bt%2FIyRgM7KMTAxls0ZcDzQ8qoqX42r5W8F9o9rqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e62fdde3b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

2un1que.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.202.18

302 Found

7.3 kB

URL GET HTTP/3
2un1que.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type

Size
7.3 kB (7348 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Tue, 28 Nov 2023 13:18:53 GMT
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
vary: accept-encoding
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEycSBDUX3c%2F%2FoJYTO%2FMkaU0VcFWhPSIeTv27YX92BQne7BiikdNVBErP16GKE8bRGBqcCEitePVA6wr0cJUC3eHhypA7bHtPP7gzNVqHJZdHJp7rBVgsQ8D5ZzcZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63d6d5156c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/css/css2.css

172.67.202.18

200 OK

4.4 kB

URL GET HTTP/3
2un1que.xyz/css/css2.css
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
ASCII text, with very long lines (4528), with no line terminators
Size
4.4 kB (4374 bytes)
Hash
c0f10b7100001726b1adf9e83c291736
734c63c8255871d49e4f48048b4b128e2e0ffa46
1f5204166babe62d609224ffa6ddf14c19f88bba4155f9b291229f5e221a9c8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/css2.css HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: text/css; charset=utf-8
etag: W/"1f4cf748ea79e0de6bfe2bb3c0bdbf6f"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h8r54pPlx6IM8s6VUxjxnBbraR3B38tUFA92IDaYbc23nEe0UjzVxTvu82X77H9bKiAcWSfel4ZdCLrQ6LsgDr11Kp%2Bqa5wksofkPTpYhd7jIRv4I8%2FTXZM7WJ4mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e6358acf56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/intlTelInput.min.css

172.67.202.18

404 Not Found

139 B

URL GET HTTP/3
2un1que.xyz/intlTelInput.min.css
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
a713c546d7f0516fbe7bec8ea4a60d68
de1a5593e271f8107ff5a2164ebb8214fa8cba62
4c481102f90662039a10678f93f2eec6610a3e5cf4c44b0c12ab33f17a0f9a2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intlTelInput.min.css HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxSo2Sp0SDmMVq3PhZgRO17L4FiGw5lwPIbqFNPsQxqt5xGfTT1t4FkdXRP%2B70P3pAA2qmKKO2sEU1pqGQs4iEGCKennO3107YJgiYsLwMkb4pzSdO1%2Bq%2F1XmJz%2FCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d2e635aae556c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/intlTelInput.min.css

172.67.202.18

404 Not Found

139 B

URL GET HTTP/3
2un1que.xyz/intlTelInput.min.css
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
a713c546d7f0516fbe7bec8ea4a60d68
de1a5593e271f8107ff5a2164ebb8214fa8cba62
4c481102f90662039a10678f93f2eec6610a3e5cf4c44b0c12ab33f17a0f9a2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intlTelInput.min.css HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heL75jUTTd9ujwzILQ%2FAQvL2q2LYLu0kebYsQ1FJLMiLupf41Pb1k4k7XvoNoQfU%2BqgzdnQPnj6LRMyaJleeQi2LS%2BDh1ypFhEgTsdGDMIlR2r6olN4YyIvCjKDmVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d2e63a092d56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/fonts/Gotham-Book.woff2

172.67.202.18

200 OK

32 kB

URL GET HTTP/3
2un1que.xyz/fonts/Gotham-Book.woff2
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32284, version 1.0\012- data
Size
32 kB (32284 bytes)
Hash
0e2700e8385f5168dea51cef4c845397
444970e7d62f8e903eb2f3af35b99034297cf2b8
6cfb95f43f56a12f133ef9045eaf536509f0978017480a848cd1f8766a04b5fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/Gotham-Book.woff2 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: font/woff2
content-length: 32284
etag: "0e2700e8385f5168dea51cef4c845397"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VhQDGtr7GuRi4%2BcSRHhJTq%2BBE3YhrP2FI2ocnBmSRdpz9YuJXmv9Vm%2FYR6fs5ieEAHXTyqEYMa1LqwF0AihDZMSc00jLg9ktD3frocNfvbz8HVBZ8jOck2UI4jPog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63a497b56c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/favicon.ico

172.67.202.18

404 Not Found

139 B

URL GET HTTP/3
2un1que.xyz/favicon.ico
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
139 B (139 bytes)
Hash
a713c546d7f0516fbe7bec8ea4a60d68
de1a5593e271f8107ff5a2164ebb8214fa8cba62
4c481102f90662039a10678f93f2eec6610a3e5cf4c44b0c12ab33f17a0f9a2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38; cf_clearance=AJeEmaiHZt.oyI17WX2wFNEb.UVRCH7NXXXxSfAkgHU-1701177533-0-1-730ca2d2.73a07051.5b213570-0.2.1701177533
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDx%2B23Zy3iE752kmzJVtosNpwzmMRA3haYGAC7wTEiENMD0pCaHCa7dcSZlGQfQSdNyeDhpiaD%2B6PbmeBIGjpgRsUubtmyQzwXB2VTDb7%2BsLRCR3LllHwbuw8H130Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d2e63fcfe456c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/logo.svg

172.67.202.18

200 OK

2.7 kB

URL GET HTTP/3
2un1que.xyz/images/logo.svg
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2785), with no line terminators
Size
2.7 kB (2723 bytes)
Hash
7faf27f9329795a77ab8841d87ba63df
4ba1f1d8a4961637f6a553e99ceda25c8d4696a6
c303e28f17ded2bec3e442994b382a58c4b651483f3ae4f9d996f91036286ddb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.svg HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/svg+xml
etag: W/"90a8e043d2e138431ea16b0c871661d2"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhQfOxWERroU69V69DDsPYA4ObMKJApfUeXUuLNaaNLAXgUIrpPkcbXUPozEwI%2FJhdhF%2BT1xC10CzqtrpgPe%2Fm%2FMFzSuGLucAl%2Bp%2F%2BsGxCPbOyNRR%2BEPuvD8JokzUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e635aae356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/arrow-prev.svg

172.67.202.18

200 OK

292 B

URL GET HTTP/3
2un1que.xyz/images/arrow-prev.svg
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (304), with no line terminators
Size
292 B (292 bytes)
Hash
8dafb22eaaa8b9e0c547c08e11759624
4cd1e3edb46be61dc5b9da6a5054309b81927c2c
f60fa659b2bc0eda712fc048f81ec97d6d678890dc4f61d40578472018851bc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/arrow-prev.svg HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/svg+xml
etag: W/"60d3ec275b018b9657c109f3d4a896cc"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReOAlr0JSWz8mYGNAQpHpZdTx3xc722BgixY8KmwLOdkxBoQ2b274I7zkvEgZvbb3PVrWrl4XZ9nuNc%2BQHcwdOkInZVdxl2ISMEcjMn%2FBfk89gPk8hWyyOIMuvKHkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e639e8c656c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/regform/img/flags.f73aa829.png

172.67.202.18

200 OK

71 kB

URL GET HTTP/3
2un1que.xyz/regform/img/flags.f73aa829.png
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
PNG image data, 5652 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size
71 kB (70857 bytes)
Hash
416250f60d785a2e02f17e054d2e4e44
21572c9751e5a3dc20395befa0fcb349c32c4811
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /regform/img/flags.f73aa829.png HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/png
content-length: 70857
last-modified: Wed, 22 Nov 2023 15:35:11 GMT
etag: "655e1faf-114c9"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZITcHnguqQCNFWJkXjyBdwOaB8DzV7hpyYCzc7509OLCNAPYbFitD%2FZDFL7D21kKIhnatjX8Ppp5E9XJu3IbYX1aogfNoyLCi%2BancPzOc5UNfuL9U%2Fzxe2ke4vJiIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d2e63c4bfe56c3-OSL
alt-svc: h3=":443"; ma=86400

2un1que.xyz/js/psl.min.js

172.67.202.18

200 OK

128 kB

URL GET HTTP/3
2un1que.xyz/js/psl.min.js
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type

Size
128 kB (127526 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/psl.min.js HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: application/javascript; charset=utf-8
etag: W/"a4d87fd2000b23f203bdea9a705cc40c"
last-modified: Sun, 20 Aug 2023 08:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiCOQac1W%2B0E6%2FHRXR5FTNALHWErse8gzAcBJnuJ9rMp7DG9VdRYBnjhgczEi4%2BMBkdDNf4nwJzuSafhQFrH4aB9SJXpSaI4zA6AY08WWmV8yg9dOLerVtrppe4phw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e635baf356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/images/sprite.svg

172.67.202.18

200 OK

69 kB

URL GET HTTP/3
2un1que.xyz/images/sprite.svg
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2677)
Size
69 kB (69228 bytes)
Hash
2d5a69e2d0d8bde849b4549b883f2f23
d2edef554aaede69b68cc0cbf9857c1132a7dd15
10f49b5b7aa4195385e458d876613f897919af7379a75681e28546714c57ff6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/sprite.svg HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/svg+xml
etag: W/"2d5a69e2d0d8bde849b4549b883f2f23"
last-modified: Sun, 20 Aug 2023 08:56:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQBw2brFCLtpK%2Bp1NnGh3MgnFQIKhb9q6dbzgexxNSPbS06WgZ0wm6vxlFPE1%2FVDzC0hil8ZlEwieoj4pGMNPQrl01OeBWPa3PQPD1uCpsN9Oco6jrHJ2C7sR5pCkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e639c88a56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/video/76.mp4

172.67.202.18

206 Partial Content

2.1 MB

URL GET HTTP/3
2un1que.xyz/video/76.mp4
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type

Size
2.1 MB (2111178 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /video/76.mp4 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: video/mp4
content-length: 6824858
etag: "abf6ad9ceea48ae9030f473ab6733207"
last-modified: Fri, 14 Jul 2023 08:50:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: 941221daf4c1ffe9564706e8cc4a4e486ea8d70d53b890660df8856294586de4
x-amz-request-id: 179BCBF2C66913E1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache-status: HIT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-6824857/6824858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nto44IB5FfdLeHAEhUZGox9GKI0ckDmGPKEPIoKYcf6j6V8z49maoXzA1LrnlWZwHquPwM1CpoL%2F9adLx4x01lsmorpZONNMdzYSAnN6DJrj1STqw6sFkKDXHeU7ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63a89ed56c3-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

142.250.74.106

200 OK

13 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://2un1que.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
13 kB (12745 bytes)
Hash
cab222f7a352cb95160ade2bbba39be2
e0e5635227481ab966c10c7bc8a015c6132dda53
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Nov 2023 13:18:51 GMT
date: Tue, 28 Nov 2023 13:18:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2un1que.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

172.67.202.18

200 OK

7.3 kB

URL GET HTTP/3
2un1que.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
ASCII text, with very long lines (7348), with no line terminators
Size
7.3 kB (7348 bytes)
Hash
864aa28a1f8531512f8a5b3c32befe80
fd560c7223c6fbc10292f067b8a989854f08c07c
672faf5460a6df8a576f636aa274639c7ab2cb6dffbefc4eddff6b165c0d2ae2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
vary: accept-encoding
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzyqYePe0zNFtISDCLFr%2FplFJiagxXY5mx1afTggFixrtZTeQeC5RJKBDIcXjTNrBOPJPX4h9gVnxI0d5wTSeNKXkjVG%2FrxIUnEm9PrQEFcM2XphDRHo2YMrNuIOuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63dada056c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/82d2e62fdde3b4f7

172.67.202.18

200 OK

0 B

URL POST HTTP/3
2un1que.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/82d2e62fdde3b4f7
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/82d2e62fdde3b4f7 HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12172
Origin: https://2un1que.xyz
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Cookie: tr_uuid=e0f0ce81-2ed6-4e4d-b392-8a3e68be6f38
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:53 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=AJeEmaiHZt.oyI17WX2wFNEb.UVRCH7NXXXxSfAkgHU-1701177533-0-1-730ca2d2.73a07051.5b213570-0.2.1701177533; path=/; expires=Wed, 27-Nov-24 13:18:53 GMT; domain=.2un1que.xyz; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPME2vx4tZVY%2BBRtZ%2FX2ndf4oWIuHCy4eIKkISKjaC3ki9DKWr90PstKoM6LLcVvqcn7vt%2BQAoyl26oSECjuySrblIkWMDIkh35%2BMpRW4xtdZNBEmgB6BoLjGssktA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e63ecebc56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/css/form-style.css

172.67.202.18

200 OK

2.9 kB

URL GET HTTP/3
2un1que.xyz/css/form-style.css
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
ASCII text, with very long lines (3234), with no line terminators
Size
2.9 kB (2949 bytes)
Hash
c32c15a85b0786efe5cd597c2cb6605a
8f4998b8383a29f86074423c91f3e4e6d1dd61f6
0f1fc1f2adb094fa494362afce263a5cb3a845defdcff1c8db3482f49532ce2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/form-style.css HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: text/css; charset=utf-8
etag: W/"1f350fef601db5da85470e637369c33a"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEUtaWpcVL%2FUv5UyfvL1%2Fa2F8kCnCGzqoXUqU8EbfZLFFOHK8FjzT8ty%2FyHcf%2B8QOK7VgPNPtJA1qlO49UzVHzkacEuD9AkJxhzeHP9Tcxt5oAD1%2FWba3SR5%2BNSbAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e6358ad356c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/vue@2

104.16.124.175

302 Found

434 kB

URL GET HTTP/2
unpkg.com/vue@2
IP
104.16.124.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
434 kB (434075 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vue@2 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 28 Nov 2023 13:18:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /vue@2.7.15
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HGB11QFGSE5W691AQXRH3YQ0-arn
cf-cache-status: HIT
age: 277
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d2e6360c6a0b06-OSL
X-Firefox-Spdy: h2

2un1que.xyz/regform/reg-form.min.js

172.67.202.18

200 OK

622 kB

URL GET HTTP/3
2un1que.xyz/regform/reg-form.min.js
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type

Size
622 kB (622378 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /regform/reg-form.min.js HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: application/javascript
last-modified: Wed, 22 Nov 2023 15:35:08 GMT
etag: W/"655e1fac-97f2a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Q2FCSNKgfYDOpLRr0EB9EC4k70u7V7KK%2Be%2ByU%2FDHpTcD4DmzyAV4pTC72ex2os1VTxB9Jd2D4rbmIHzyqyNM3WOLPnBZ49DfuWJDaIcVJaGvpjQqUQ%2Bicy7ePxBIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82d2e635baf256c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/vue@2.7.15

104.16.124.175

302 Found

434 kB

URL GET HTTP/2
unpkg.com/vue@2.7.15
IP
104.16.124.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
434 kB (434075 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vue@2.7.15 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2un1que.xyz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 28 Nov 2023 13:18:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /vue@2.7.15/dist/vue.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01HFXGNTP0Q9ENWK7MDH7C7SNN-arn
cf-cache-status: HIT
age: 453653
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d2e636cd2f0b06-OSL
X-Firefox-Spdy: h2

2un1que.xyz/images/arrow-next.svg

172.67.202.18

200 OK

293 B

URL GET HTTP/3
2un1que.xyz/images/arrow-next.svg
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (305), with no line terminators
Size
293 B (293 bytes)
Hash
3929ed355069e08d8e564da178b95fc9
5ae7e1582e05e28a3a07d6aae4175feaae632540
c5d98853cc319bb6138cec76914c93ad8dc77d449668899d6da09b414d9c95c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/arrow-next.svg HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/css/style.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:52 GMT
content-type: image/svg+xml
etag: W/"66e03edffcc8d55bf2bac44a7a81f7d3"
last-modified: Sun, 20 Aug 2023 08:56:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdMLTvo7NZKA5Ia0j7Zg7TGkDn6SKiFeXi%2B%2FmKmlXX%2F33pakab3aluKWKZpSPTuscOtZNfqmmt5A8JWIKVCFVDRXWyZy3abvojNmfphbeQrWC%2Fzh0s5dAl2v0hPQZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e639e8c856c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2un1que.xyz/geo.js

172.67.202.18

200 OK

418 B

URL GET HTTP/3
2un1que.xyz/geo.js
IP
172.67.202.18:443
ASN
#13335 CLOUDFLARENET

Requested by
https://2un1que.xyz/
Certificate
IssuerLet's Encrypt
Subject2un1que.xyz
Fingerprint64:C8:56:28:50:AE:2E:67:E4:D6:FE:01:CB:71:0C:3D:36:18:46:09
ValiditySun, 01 Oct 2023 14:39:46 GMT - Sat, 30 Dec 2023 14:39:45 GMT

File type
ASCII text, with very long lines (487), with no line terminators
Size
418 B (418 bytes)
Hash
a5833224a06521d6d9aef9951e2f220d
4175d8db434cde753677d215fb16e7a994a8ee13
9b885d5c69a5af222034a7895d120c4414683988b7440015b1a506db057a6762

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /geo.js HTTP/1.1
Host: 2un1que.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2un1que.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 28 Nov 2023 13:18:51 GMT
content-type: application/javascript
country_code: NO
country_name: Norway
city_name: Lorenskog
region_iso: 30
region_name: Viken
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4naO2lNGVoKpFzCxBt0OHM4hjFjC3JHVcTnMfYzPu3eMLkUotvONjU67qqppnE1ld04viwrh8FenYGlFPu6SMs6TbaftimzD%2B1ZGaF6Qe2HOrId6E9G6tp9HXGG7Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82d2e635aaec56c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (39)

URL GET HTTP/2

IP