| fonts.googleapis.com/css?family=Capriola |  142.250.178.42 | 200 OK | 841 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Capriola IP142.250.178.42:443
CertificateIssuerGoogle Trust Services Subjectupload.video.google.com Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT
File typegzip compressed data, max compression Hash8aaad3755ae69f2ecebc16f84b976548 db7bf653562b60b05d97d361b6e0ce9e10f11105 8ff86b0a256aa1ac3424b2d3448a7f64d7a4fc8ee90d41d854ee350c701c59c1
GET /css?family=Capriola HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://check.ooyu.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Feb 2025 11:55:16 GMT
date: Fri, 07 Feb 2025 11:55:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
| fonts.gstatic.com/s/capriola/v14/wXKoE3YSppcvo1PDlk_7JeE.woff2 | 142.250.74.35 | 200 OK | 21 kB |
URL GET HTTP/2fonts.gstatic.com/s/capriola/v14/wXKoE3YSppcvo1PDlk_7JeE.woff2 IP142.250.74.35:443
CertificateIssuerGoogle Trust Services Subject*.gstatic.com Fingerprint62:57:FE:D4:36:DB:03:15:19:B1:2C:50:42:64:6E:D7:C2:32:4F:B6 ValidityMon, 20 Jan 2025 08:37:07 GMT - Mon, 14 Apr 2025 08:37:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20876, version 1.0 Hashde58282a1ce2c94c8d03a2fef04bade2 9c8bac0b423f92b154d3d8f1cd40222654ee160e 3a699a96b93301126fa93a9e52306a65149c4bb3b686eda38da3895941edaa4f
GET /s/capriola/v14/wXKoE3YSppcvo1PDlk_7JeE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://check.ooyu.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20876
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Feb 2025 11:50:37 GMT
expires: Sat, 07 Feb 2026 11:50:37 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 16:53:57 GMT
content-type: font/woff2
age: 280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
URL User Request GET HTTP/2IP 104.21.19.134:443
CertificateIssuerGoogle Trust Services Subjectooyu.site FingerprintE5:49:78:C4:07:12:89:BC:98:83:35:8D:B6:CB:7A:90:8D:31:E2:AF ValidityThu, 06 Feb 2025 22:40:25 GMT - Wed, 07 May 2025 23:39:08 GMT
File typeHTML document, ASCII text, with very long lines (2724), with no line terminators Hash4bbbc9a35d4b4e13c8768037bd0ff4bf 0d3f583363927f0c8f8773f609a51246d2a2a57b 4fddaec8b47812e0c21bf038659945a0885f4013f19db872c661b2969cfbb95d
| Analyzer | Verdict | Alert |
|---|
| ThreatFox | malicious | ClearFake |
GET / HTTP/1.1
Host: check.ooyu.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 07 Feb 2025 11:55:16 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 10 Dec 2024 19:21:35 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BghSs5n9jf8d7uc7D30eyhEr7SU9290vKT%2FMl%2FExR%2BM4J7ZbyZBEOC5jbMNRzQByS%2F1WiHaHO8SEUVj5%2BSj05wMoCj5cmNaLUvJSb0ld4Ci75Vf7ro%2BJs3i%2Fyb6CU3t5K%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90e330a3df095693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5677&min_rtt=482&rtt_var=10415&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3269&recv_bytes=1253&delivery_rate=7203980&cwnd=248&unsent_bytes=0&cid=0edfb2d47ab5a620&ts=106&x=0"
X-Firefox-Spdy: h2
|
| check.ooyu.site/favicon.ico | 104.21.19.134 | 404 Not Found | 277 B |
URL GET HTTP/3check.ooyu.site/favicon.ico IP104.21.19.134:443
CertificateIssuerGoogle Trust Services Subjectooyu.site FingerprintE5:49:78:C4:07:12:89:BC:98:83:35:8D:B6:CB:7A:90:8D:31:E2:AF ValidityThu, 06 Feb 2025 22:40:25 GMT - Wed, 07 May 2025 23:39:08 GMT
File typeHTML document, ASCII text, with no line terminators Hashd1130fd7a856ed327f751c3eb6544f94 2ebdc4eeb32acd8de8e9c7b8bd1a439d239f88e3 011138064c038a333f7424b07073dca269c7f03e1c2daf06f88cb85b22f2e7e7
| Analyzer | Verdict | Alert |
|---|
| ThreatFox | malicious | ClearFake |
GET /favicon.ico HTTP/1.1
Host: check.ooyu.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://check.ooyu.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 07 Feb 2025 11:55:17 GMT
content-type: text/html; charset=iso-8859-1
cf-cache-status: DYNAMIC
vary: accept-encoding
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjRJedNomjNXp8BL3vcFRe1tXkXx5TJ9QfQFmjy2WsMl1BAizW67hpulPqOrrgilWQqr%2FJjxSE0vn3v3qZPg3t4wbHkTexWB6dnSnFXg%2F01UrZFq0qG3bfzOimSbcHmsEh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90e330a70ce7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5891&min_rtt=2513&rtt_var=3355&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4147&recv_bytes=1203&delivery_rate=236285&cwnd=12000&unsent_bytes=0&cid=2225c92ebdd8e296&ts=439&x=1", cfExtPri, cfHdrFlush;dur=0
|