Report - wxjw7.tk/

Report Overview

Visited public
2023-12-03 23:35:56
Tags
URL
wxjw7.tk/
Finishing URL
www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
IP / ASN
195.20.42.219
#31624 Verotel International B.V.
Title
Page not found

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
register.freenom.com	unknown	2007-06-17	2014-10-06 20:18:42	2023-03-28 12:30:01	417 B	1.2 kB	104.155.8.167
wxjw7.tk	unknown	unknown	2023-03-01 11:15:22	2023-06-02 18:07:58	662 B	1.9 kB	195.20.42.219
domain.dot.tk	166571	unknown	2012-05-22 19:00:16	2023-07-30 02:54:22	489 B	253 B	109.235.49.197
www.freenom.com	unknown	2007-06-17	2014-05-27 04:45:17	2023-05-27 13:08:56	5.0 kB	520 kB	35.186.227.193
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-03 07:59:58	442 B	30 kB	142.250.74.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-03 23:35:44	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:44	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:44	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:44	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:47	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:47	medium	Client IP	195.20.42.219	ET POLICY HTTP Request to a *.tk domain
2023-12-03 23:35:47	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:47	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:47	medium	Client IP	195.20.42.219	ET POLICY HTTP Request to a *.tk domain
2023-12-03 23:35:47	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:47	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:48	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:48	medium	Client IP	Internal IP	ET DNS Query to a .tk domain - Likely Hostile
2023-12-03 23:35:48	medium	Client IP	109.235.49.197	ET POLICY HTTP Request to a *.tk domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	www.freenom.com/js/jquery.easing.min.js	ScriptElement	7.0 kB	2023-03-07	2025-04-17
Pretty URL www.freenom.com/js/jquery.easing.min.js IP 35.186.227.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-04-17 13:37 Times Seen75 Hash 8599ea95257039f0aedac109203c80f5 bfe173de1d873bc06273c4d1444e17be45c48b7e 7e1315d9de485eb5251249e86483786d892d4b5336fc16a052b57921f22feef8 Loading...

	www.freenom.com/en/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL www.freenom.com/en/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 04:45 Times Seen341347 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-08
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16 Last Seen2025-05-08 12:28 Times Seen1871 Hash ccd0edd113b78697e04fb5c1b519a5cd a6eedf84389e1bc9f757bc2d19538f8c8d1cae9d a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25 Loading...

	register.freenom.com/js/login.js	ScriptElement	948 B	2023-03-09	2023-12-04
Pretty URL register.freenom.com/js/login.js IP 104.155.8.167 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:19 Last Seen2023-12-04 00:36 Times Seen1 Hash 98236fa777091f2ca39919f59bc0b637 e212fc0877d911b499d1937d2d4e4c47898d1884 1de89c9d7f8cfadcf197686751cbe5ee65c4d75762447f9999b1b003a45e8b6d Loading...

	www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918 IP 35.186.227.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 04:47 Times Seen4633999 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.freenom.com/js/jquery.rotating.backgrounds.js	ScriptElement	979 B	2023-03-09	2023-12-04
Pretty URL www.freenom.com/js/jquery.rotating.backgrounds.js IP 35.186.227.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:19 Last Seen2023-12-04 00:36 Times Seen1 Hash 8d685417c25ae3822c63b489b79575ab dbfd3c26dc80d96c96c0b8fd97c176cf839631e3 b057931915715d603c8d72986402da1ff6e77c669b46326400cc32de8a6f1a28 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 04:45 Times Seen340547 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

HTTP Transactions (15)

URL IP Response Size

wxjw7.tk/

195.20.42.219

630 B

URL
wxjw7.tk/
IP
195.20.42.219:0
ASN
#31624 Verotel International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
630 B (630 bytes)
Hash
4d560c8baac2235bff4c73544cce8f10
d2ae5cdd6be681f151dc95fe22362158c3eb41ff
6b14e66a068b7e04544986818d82a0181b9cdcf84534746bc15d0101116648b6

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to a *.tk domain
suricata	medium	ET POLICY HTTP Request to a *.tk domain

HTTP Headers

GET / HTTP/1.1
Host: wxjw7.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 203 
Server: nginx
Date: Sun, 03 Dec 2023 23:35:45 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 630
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Server: ip-172-31-14-50
Set-Cookie: JSESSIONID=DCEC46261692227D699A4651CDEF6B91; Path=/; HttpOnly

wxjw7.tk/

195.20.42.219

630 B

URL
wxjw7.tk/
IP
195.20.42.219:0
ASN
#31624 Verotel International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
630 B (630 bytes)
Hash
a5f4fb798c1137afc89bd0d1990179db
97efea83ad3fd88068453d23db746242cd46d042
36eac8ae8f22e8ff157ae03b51458da32d6a217c9415aeb90d97543d05704f36

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to a *.tk domain
suricata	medium	ET POLICY HTTP Request to a *.tk domain

HTTP Headers

GET / HTTP/1.1
Host: wxjw7.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 203 
Server: nginx
Date: Sun, 03 Dec 2023 23:35:45 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 630
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Server: ip-172-31-12-141
Set-Cookie: JSESSIONID=1276BCB755F133ADB7DF7048914A2C99; Path=/; HttpOnly

domain.dot.tk/p/?d=WXJW7.TK&i=91.90.42.154&c=47&ro=0&ref=unknown&_=1701646542109

109.235.49.197

301 Moved Permanently

0 B

URL User Request GET HTTP/1.0
domain.dot.tk/p/?d=WXJW7.TK&i=91.90.42.154&c=47&ro=0&ref=unknown&_=1701646542109
IP
109.235.49.197:80
ASN
#47869 Netrouting

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to a *.tk domain

HTTP Headers

GET /p/?d=WXJW7.TK&i=91.90.42.154&c=47&ro=0&ref=unknown&_=1701646542109 HTTP/1.1
Host: domain.dot.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://wxjw7.tk/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 301 Moved Permanently
Date: Sun, 03 Dec 2023 23:32:06 GMT
Server: nginx/1.18.0
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 0
Location: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Connection: close

www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918

35.186.227.193

200 OK

2.9 kB

URL User Request GET HTTP/2
www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.9 kB (2928 bytes)
Hash
7f2a2d857762c4124e2220d7702056e6
6cb83718fea1ccc8ed46cae7d90285de58734033
1678ca6933c124b44fe8e816ffb134a299cf551412c46732e0f9994c2de9652e

HTTP Headers

GET /en/pagenotfound.html?_urlfwd=1&_=1701645918 HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wxjw7.tk/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:42 GMT
content-type: text/html
content-length: 2928
x-guploader-uploadid: ABPtcPrvxx6t6IjVZaOnzBr29UYuDeFfacHttWSA6F6H-P-y2F7tNZziy8u2fwPu0vI-qHGq9BMoJyJQ0w
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:42 GMT
last-modified: Tue, 07 Aug 2018 08:18:30 GMT
etag: "7f2a2d857762c4124e2220d7702056e6"
x-goog-generation: 1533629910554398
x-goog-metageneration: 43
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2928
x-goog-meta-goog-reserved-file-mtime: 1533629651
content-language: en
x-goog-hash: crc32c=L9bXEQ==, md5=fyothXdixBJOIiDXcCBW5g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

142.250.74.42

200 OK

29 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (32023)
Size
29 kB (29440 bytes)
Hash
ccd0edd113b78697e04fb5c1b519a5cd
a6eedf84389e1bc9f757bc2d19538f8c8d1cae9d
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

HTTP Headers

GET /ajax/libs/jquery/2.0.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29440
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:50:46 GMT
expires: Fri, 29 Nov 2024 04:50:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 326697
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.freenom.com/css/font-awesome.min.css

35.186.227.193

200 OK

27 kB

URL GET HTTP/3
www.freenom.com/css/font-awesome.min.css
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (26524), with CRLF line terminators
Size
27 kB (26689 bytes)
Hash
895edde9f15b1bb00acd7f3e7a6e25ee
8407f9aa4d39f3edda9f54b0e30225385d2f8b20
8ce35e7c8f6fb1f1a1cd07dbe5a7edc19d858ebfe8dbe6a04013236d5176c58a

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: text/css
content-length: 26689
x-guploader-uploadid: ABPtcPqZdp-9wVH73os-CJZuT99gEbjF-u0Epy5u2GHHLtYIREJ9Mfq26b0A9Pzv2oR9aBIvHSkhqt4QEQ
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 24 Mar 2016 21:03:51 GMT
etag: "895edde9f15b1bb00acd7f3e7a6e25ee"
x-goog-generation: 1458853431597000
x-goog-metageneration: 68
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26689
x-goog-meta-goog-reserved-file-mtime: 1467283521
x-goog-hash: crc32c=KEIgNw==, md5=iV7d6fFbG7AKzX8+em4l7g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/css/reset.css

35.186.227.193

200 OK

795 B

URL GET HTTP/3
www.freenom.com/css/reset.css
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (738), with CRLF line terminators
Size
795 B (795 bytes)
Hash
182a9e59cb2d502fa68a9bb9e30e5ad8
f6a54c21086d495f2687e4a5fff3f1f59a8be8ad
ec34f5f4278bcc95f8e963777380ce5a20697dc357ae00c7f4f4c77468b5dba5

HTTP Headers

GET /css/reset.css HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: text/css
content-length: 795
x-guploader-uploadid: ABPtcPpc84EBJUsjBPEI7NUDCw535x-dIsBB3dr32sIp2CNuOgGmmiym5UnVgxXy_ppuq98L6ZY
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 22 Sep 2016 11:56:14 GMT
etag: "182a9e59cb2d502fa68a9bb9e30e5ad8"
x-goog-generation: 1474545374458000
x-goog-metageneration: 58
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 795
x-goog-meta-goog-reserved-file-mtime: 1474545367
content-language: en
x-goog-hash: crc32c=n0/UNQ==, md5=GCqeWcstUC+mipu54w5a2A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/js/jquery.rotating.backgrounds.js

35.186.227.193

200 OK

979 B

URL GET HTTP/3
www.freenom.com/js/jquery.rotating.backgrounds.js
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
979 B (979 bytes)
Hash
8d685417c25ae3822c63b489b79575ab
dbfd3c26dc80d96c96c0b8fd97c176cf839631e3
b057931915715d603c8d72986402da1ff6e77c669b46326400cc32de8a6f1a28

HTTP Headers

GET /js/jquery.rotating.backgrounds.js HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: application/javascript
content-length: 979
x-guploader-uploadid: ABPtcPrW0Vq1qObtJcmLVv7tgQmWhQg6Oa9sUdDpKBXzQzZ0mIBaXvtbIYEp2wrWSzFP-eLsx6xLEQ5QCA
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 22 Sep 2016 11:56:18 GMT
etag: "8d685417c25ae3822c63b489b79575ab"
x-goog-generation: 1474545378683000
x-goog-metageneration: 66
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 979
x-goog-meta-goog-reserved-file-mtime: 1474545366
content-language: en
x-goog-hash: crc32c=r2XZGA==, md5=jWhUF8Ja44IsY7SJt5V1qw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/js/jquery.easing.min.js

35.186.227.193

200 OK

7.0 kB

URL GET HTTP/3
www.freenom.com/js/jquery.easing.min.js
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
ISO-8859 text, with very long lines (3601)
Size
7.0 kB (7046 bytes)
Hash
ec64dc8377266f617caf00ebc5067a14
fb6ebf42d2da04eee38b8fabc0c09dd9e433a9e4
a7c016be6c9693535e2a8abce5814c71290f76bb8259e907dfa092f3c3633447

HTTP Headers

GET /js/jquery.easing.min.js HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: application/javascript
content-length: 7046
x-guploader-uploadid: ABPtcPqcbaVjFLsihsyjfjq5rGK_8eOqiXOm8aXohBLXFGzdg01YOVtnklLWbQ5QBaTgZkuWqfut5ch5pQ
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 24 Mar 2016 21:04:33 GMT
etag: "ec64dc8377266f617caf00ebc5067a14"
x-goog-generation: 1458853473712000
x-goog-metageneration: 76
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7046
x-goog-meta-goog-reserved-file-mtime: 1467283509
x-goog-hash: crc32c=924SHw==, md5=7GTcg3cmb2F8rwDrxQZ6FA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/images.v2/logo.png

35.186.227.193

200 OK

12 kB

URL GET HTTP/3
www.freenom.com/images.v2/logo.png
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
PNG image data, 344 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12407 bytes)
Hash
0d15ea0d66606463554b67000d2bf00b
1a2982d69bf466bf506cf6e3958aeb116c5380e8
8f5f28a19f79671426814c76e3b17cbc3d1b1e6346dbdf7905b1a516d314d5ad

HTTP Headers

GET /images.v2/logo.png HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: image/png
content-length: 12407
x-guploader-uploadid: ABPtcPqxNK3Qjobj48IAqcSnjqSms2b3R0mJ5qfxmRgKebXiVuyeIrLdhuQkOmt9jvnpAc3TM_Cm7D-eIw
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 24 Mar 2016 21:04:18 GMT
etag: "0d15ea0d66606463554b67000d2bf00b"
x-goog-generation: 1458853458625000
x-goog-metageneration: 68
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12407
x-goog-meta-goog-reserved-file-mtime: 1467283538
x-goog-hash: crc32c=qci8jQ==, md5=DRXqDWZgZGNVS2cADSvwCw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/css/freenom.min.css

35.186.227.193

200 OK

53 kB

URL GET HTTP/3
www.freenom.com/css/freenom.min.css
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (396), with CRLF line terminators
Size
53 kB (52912 bytes)
Hash
12e8524e0e1cd523b89348f06dc07b09
ce46989028dd0a2759ad511229d470664cccd264
c390bac6e59b3fb9cb4b9ac6141fb422c5c31a0afcf04fc0185d22be344aa4b8

HTTP Headers

GET /css/freenom.min.css HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: text/css
content-length: 52912
x-guploader-uploadid: ABPtcPoFbijmEfZ37LgJ9GfmWK1aaohsl7jETivkkA43bcdBfoOY1Yp38AnVpi71J1NIRlXrYQdJy21YaQ
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 22 Sep 2016 11:56:14 GMT
etag: "12e8524e0e1cd523b89348f06dc07b09"
x-goog-generation: 1474545375012000
x-goog-metageneration: 58
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 52912
x-goog-meta-goog-reserved-file-mtime: 1474545367
content-language: en
x-goog-hash: crc32c=CfVXUA==, md5=EuhSTg4c1SO4k0jwbcB7CQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/css/style-2015.css

35.186.227.193

200 OK

37 kB

URL GET HTTP/3
www.freenom.com/css/style-2015.css
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
37 kB (36772 bytes)
Hash
7f167f69f709956a16a4dbde38036b9b
d1a60a8bd0f3a005ad9d616cc3a2d5fb064a8eec
b96fdf74eddef1994a12a884d6aaa2a80d7f0f2111e30aa6d303681463bd8cad

HTTP Headers

GET /css/style-2015.css HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: text/css
content-length: 36772
x-guploader-uploadid: ABPtcPo5wGjV5IkIrvm2zBzDhTjKSgAXDhfLnixHZky9TPbpPNPUlvLGA_1cAh5cqbP1rXlbgop1D3zf6A
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 01 Sep 2016 13:39:19 GMT
etag: "7f167f69f709956a16a4dbde38036b9b"
x-goog-generation: 1472737159446000
x-goog-metageneration: 67
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 36772
x-goog-meta-goog-reserved-file-mtime: 1472737150
content-language: en
x-goog-hash: crc32c=zyW2Rg==, md5=fxZ/afcJlWoWpNveOANrmw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

104.155.8.167

200 OK

948 B

URL GET HTTP/1.1
register.freenom.com/js/login.js
IP
104.155.8.167:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectregister.freenom.com
Fingerprint40:92:83:1D:82:14:9E:35:E5:9E:12:F3:70:79:58:1A:8B:8D:EF:1B
ValidityTue, 26 Sep 2023 00:00:00 GMT - Thu, 26 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (948), with no line terminators
Size
948 B (948 bytes)
Hash
98236fa777091f2ca39919f59bc0b637
e212fc0877d911b499d1937d2d4e4c47898d1884
1de89c9d7f8cfadcf197686751cbe5ee65c4d75762447f9999b1b003a45e8b6d

HTTP Headers

GET /js/login.js HTTP/1.1
Host: register.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Sun, 03 Dec 2023 23:35:43 GMT
Content-Type: application/x-javascript
Content-Length: 948
Connection: keep-alive
Last-Modified: Tue, 02 Sep 2014 09:21:44 GMT
ETag: "b8c158-3b4-54058c28"
Accept-Ranges: bytes

www.freenom.com/images.v2/bg_image_12.jpg

35.186.227.193

200 OK

370 kB

URL GET HTTP/3
www.freenom.com/images.v2/bg_image_12.jpg
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x1022, components 3\012- data
Size
370 kB (369982 bytes)
Hash
e2cca23c787b101964eccfe70e6c5bac
7baca58c750e4b14f81e415dde907723dc64fb37
69589c0edd2caa14f02a3602ca149c0d733608b15dc108a7717a84cd03c9c046

HTTP Headers

GET /images.v2/bg_image_12.jpg HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: image/jpeg
content-length: 369982
x-guploader-uploadid: ABPtcPoQLAyBBd9gahCT2I1dgb9DTn19UvWVVN357drMHfAkF4qQF_evrx_JU-l4ulmeF8c5HBJQHL1xJA
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Fri, 15 Apr 2016 07:22:10 GMT
etag: "e2cca23c787b101964eccfe70e6c5bac"
x-goog-generation: 1460704930570000
x-goog-metageneration: 68
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 369982
x-goog-meta-goog-reserved-file-mtime: 1467283538
content-language: en
x-goog-hash: crc32c=ZZ5QNA==, md5=4syiPHh7EBlk7M/nDmxbrA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.freenom.com/favicon.ico

35.186.227.193

200 OK

1.2 kB

URL GET HTTP/3
www.freenom.com/favicon.ico
IP
35.186.227.193:443
ASN
#15169 GOOGLE

Requested by
https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Certificate
IssuerSectigo Limited
Subjectfreenom.com
Fingerprint7C:DD:F2:18:37:3E:A3:1D:C8:87:21:D6:AA:58:46:F4:C0:D2:9A:C5
ValidityMon, 20 Feb 2023 00:00:00 GMT - Tue, 20 Feb 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16\012- data
Size
1.2 kB (1150 bytes)
Hash
7f10605c307dd1ae92e6ba4f4e7e46bf
d4f232ae2f53327c9fe2dcc968e657d929b92726
165f4345c59ca09b4d0e7e4de0e820fc02a33d1b7880859b333c51e0d0d93eac

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.freenom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.freenom.com/en/pagenotfound.html?_urlfwd=1&_=1701645918
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
server: nginx/1.17.8
date: Sun, 03 Dec 2023 23:35:43 GMT
content-type: image/x-icon
content-length: 1150
x-guploader-uploadid: ABPtcPon9XG8178M_2sGkK7k900034kuCm3fDK68IMRViE1RPgQAcLifIbm25xUzOW5zJP5hPeE
cache-control: private, max-age=0, no-transform
expires: Sun, 03 Dec 2023 23:35:43 GMT
last-modified: Thu, 24 Mar 2016 21:03:46 GMT
etag: "7f10605c307dd1ae92e6ba4f4e7e46bf"
x-goog-generation: 1458853426795000
x-goog-metageneration: 46
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1150
x-goog-meta-goog-reserved-file-mtime: 1467283502
x-goog-hash: crc32c=XFkFng==, md5=fxBgXDB90a6S5rpPTn5Gvw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/1.0