Report - sandboxclaim.web.app/

Report Overview

Visited public
2023-11-28 15:48:59
Tags
URL
sandboxclaim.web.app/
Finishing URL
sandboxclaim.web.app/
IP / ASN
199.36.158.100
#54113 FASTLY
Title
The Sandbox Land Sale - The Galleria

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
unpkg.com	11693	2016-01-06	2016-01-08 00:26:01	2023-11-28 08:26:21	891 B	1.5 MB	104.16.126.175
bat.bing.com	387	1996-01-29	2014-04-08 11:23:16	2023-11-28 05:11:27	412 B	47 kB	204.79.197.200
sandboxclaim.web.app	unknown	unknown	No data	No data	14 kB	1.8 MB	199.36.158.100
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-11-28 05:09:25	447 B	127 kB	104.17.25.14
s3-eu-west-1.amazonaws.com	unknown	2005-08-18	2017-03-24 17:39:01	2023-11-20 04:59:43	957 B	65 kB	52.218.37.51
ucarecdn.com	76504	2012-08-01	2018-06-24 07:35:33	2023-11-28 02:35:54	443 B	3.8 kB	95.101.10.43
tagmanager.landingi.io	unknown	2020-01-29	2022-08-31 03:07:53	2023-11-24 15:30:26	492 B	622 B	54.230.111.100
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-11-28 05:10:06	457 B	85 kB	151.101.194.137
t.sandbox.game	unknown	2018-02-28	2022-04-05 13:33:05	2023-11-18 22:57:54	425 B	131 kB	216.58.207.211

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed
2023-11-28	medium	sandboxclaim.web.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.js	ScriptElement	289 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-3.6.0.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-11 07:50 Times Seen3577 Hash 2849239b95f5a9a2aea3f6ed9420bb88 af32f706407ab08f800c5e697cce92466e735847 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-11 17:07 Times Seen263702 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	unknown	Function	79 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38 Last Seen2025-05-11 16:00 Times Seen112485 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	sandboxclaim.web.app/webpack.js	ScriptElement	1.9 MB	2023-05-15	2023-11-28
Pretty URL sandboxclaim.web.app/webpack.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 01:06 Last Seen2023-11-28 16:49 Times Seen2 Hash d3957122c69d973fc5500b59915ac6f2 d6da872695cb86b2e14e4e99b9325f7dabbe7892 0c0baa09a03412bf32dd5acaf0c62c332078efd942a307c751d6809e50507543 Loading...

	cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js	ScriptElement	736 kB	2023-03-07	2025-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58 Last Seen2025-05-10 22:11 Times Seen857 Hash 268d19762594655239a29d058a7e8b44 f06da2f7a68114b8dda38a0d782d65ddacc9c0e8 95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618 Loading...

	sandboxclaim.web.app/sandbox_files/t.js	ScriptElement	322 kB	2023-11-28	2023-11-28
Pretty URL sandboxclaim.web.app/sandbox_files/t.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 16:49 Last Seen2023-11-28 16:49 Times Seen1 Hash e5fd00de2b1d2d2fd4dabd8cb7974f66 59c578233ed27584730cd53087fc081240a5a6d0 97a1de5eb0706d021433ca7515b48ae1425c0cf089813ed13530588e5bceb2b9 Loading...

	sandboxclaim.web.app/sandbox_files/blinkloader.min.js	ScriptElement	7.7 kB	2023-03-07	2025-04-08
Pretty URL sandboxclaim.web.app/sandbox_files/blinkloader.min.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-04-08 07:42 Times Seen175 Hash 810637653b8b6681622cbbfa20307826 40d3c471af908bbfe4a9c7ed43a287df8ba9fb9c 46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f Loading...

	sandboxclaim.web.app/sandbox_files/analytics.js	ScriptElement	50 kB	2023-03-08	2025-05-04
Pretty URL sandboxclaim.web.app/sandbox_files/analytics.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22 Last Seen2025-05-04 12:41 Times Seen557 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	sandboxclaim.web.app/	ScriptElement	370 B	2024-08-20	2024-08-20
Pretty URL sandboxclaim.web.app/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash c3967663d4554d804bd8b5b5d882b400 4d0c38aaa36e0adde0476c37a4b0b5991e2feed8 9a85275e3618f971c73f1f4aaf726633ee70b2da48055487c67b7ccc80e84048 Loading...

	unknown	Function	34 B	2023-04-11	2025-05-11
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:16 Last Seen2025-05-11 16:14 Times Seen67036 Hash 572cb94037fffc2a0a53b465972e15f1 0d679b041a7c1ca45cc99e2d229fc2b86762838d 6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35 Loading...

	sandboxclaim.web.app/	ScriptElement	1.1 kB	2024-08-20	2024-08-20
Pretty URL sandboxclaim.web.app/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash 128772c158fc6904ca3150d71d754616 151a880f25c02fbaa1d5e55789ecbc3cfa4fa922 27096257d8f676bd2f6121f4329bb540ff29b5928ccf80bb0957997c76d56a92 Loading...

	sandboxclaim.web.app/	ScriptElement	329 B	2024-08-20	2024-08-20
Pretty URL sandboxclaim.web.app/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash 356a97ea16edbad67a163453993e3cb1 15005229e8ed8207560d4801d2adff74e2895216 e0b2de02bb3a9df64f4edb7c6fe9b2079076c3f7b8b9f7b1e22d412447afc5de Loading...

	sandboxclaim.web.app/	ScriptElement	734 B	2023-03-07	2024-08-20
Pretty URL sandboxclaim.web.app/ IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2024-08-20 17:34 Times Seen2 Hash 863534d377619ac2a3b9598d9ebe36cc f63a6af25409c1e0485d2de54d314847280e9eda 3b258e93db79e75db9c6de93ca308275f66f4c29694bb78e59230fa690e0ea3a Loading...

	sandboxclaim.web.app/common.js	ScriptElement	3.0 MB	2023-11-28	2023-11-28
Pretty URL sandboxclaim.web.app/common.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 16:49 Last Seen2023-11-28 16:49 Times Seen1 Hash 70ca07e58613d65827cc86ff92168ff6 9e237484033a922a3c3f0d384e9c800b033b20f0 17ecfc3954581b5d75b425d3b8e11cf8d85d0da339a1cf3942cf3a6d9fde0f85 Loading...

	t.sandbox.game/t.js?id=GTM-K5P9HVW	ScriptElement	340 kB	2024-08-20	2024-08-20
Pretty URL t.sandbox.game/t.js?id=GTM-K5P9HVW IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash bfbc954d829b5781159fd5f6b291cd44 c62a34889a3f48cd3b77a4547a59ee198295136b 64681354228633a4ae37404f7e18fbe29dd94a1e26700e3199ff5abdffea9a95 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ecf3ef9c4215ec6e773d5a5df12d44a2	250 B	2024-08-20 17:34	2024-08-20 17:34
Pretty Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash ecf3ef9c4215ec6e773d5a5df12d44a2 4652d624b2d63ac679e51ef1194ef9e2656d3647 ae08bf1a09f0a35f3046ee241ad7e049719676bc062818a207b6fc4cf762846f Loading...

	#2 Eval - 242aa9547795c1241303313a0a8af479	248 B	2024-08-20 17:34	2024-08-20 17:34
Pretty Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash 242aa9547795c1241303313a0a8af479 4e2c31edee38d01fa2e6ab64e1f583fca45cf827 6b57ab4cdf62d68c0806c9e1738b5f6be4276345e35b4d43361fa4df142f0527 Loading...

	#3 Eval - eb216f5490f9759a497bdbe827fe2eec	36 B	2023-05-09 16:02	2024-08-21 09:31
Pretty Observations First Seen2023-05-09 16:02 Last Seen2024-08-21 09:31 Times Seen8 Hash eb216f5490f9759a497bdbe827fe2eec ecd1fe6a3246a615961d148d853abc1a6b5b2dee 8d52da65615432e9c3ad8bda43d042b7430c53771989d43e63e1b5b5cd856d61 Loading...

	#4 Eval - 625d7958e6b270a2b8c28f0038c093cb	253 B	2024-08-20 17:34	2024-08-20 17:34
Pretty Observations First Seen2024-08-20 17:34 Last Seen2024-08-20 17:34 Times Seen1 Hash 625d7958e6b270a2b8c28f0038c093cb 4a65c24448f1bf2a47368233dd47888dc11e1252 12387912c420bd808ad476cda4ba0d115816c413e42344d5c7af2b9ab830926e Loading...

HTTP Transactions (40)

URL IP Response Size

sandboxclaim.web.app/

199.36.158.100

200 OK

11 kB

URL User Request GET HTTP/2
sandboxclaim.web.app/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3553)
Size
11 kB (10737 bytes)
Hash
c99254df31ba96cd597a37b65ced7baf
6b54f61075a52c98d4b18e36d0305861d0f49b9f
06f5a9ceeb82eb2e0e0bc4543eea03b61aed31eafe45f4844a3875a3b78b2732

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "8b267dcbc8391dc1e5d52bf52f710237ff5b7722158b354da67bf477fa223d25-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:38 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.571579,VS0,VE134
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10737
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js

104.17.25.14

200 OK

126 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
126 kB (125841 bytes)
Hash
268d19762594655239a29d058a7e8b44
f06da2f7a68114b8dda38a0d782d65ddacc9c0e8
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618

HTTP Headers

GET /ajax/libs/ethers/5.6.9/ethers.umd.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sandboxclaim.web.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 15:48:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 125841
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62ad87d5-1eb91"
last-modified: Sat, 18 Jun 2022 08:07:49 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 477119
expires: Sun, 17 Nov 2024 15:48:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBN54XkSY2c%2BCllSiNBIF2XPL2%2F0y2WDZVWc31TVSuQMmNN1ONw1rUyP0CxGLdwfZq5mt%2F461FhRoH3yll3DEx4p9sbvMRTdvmQg4OqCvus%2FFNmafhLG3635L55Nyf7dzESUOVAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82d3c1a0797e712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sandboxclaim.web.app/sandbox_files/lazysizes.min.js

199.36.158.100

200 OK

3.2 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/lazysizes.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (7862)
Size
3.2 kB (3152 bytes)
Hash
45bacd312d5098b4b59f563d8756c15d
fa55e2cff078381e5365d95782a95a787d0b7192
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/lazysizes.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 3152
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "e37f13fe488d0a14d7dcd7541e65760f9b45b176e73ebad307b8d636d8f0f2e4-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.074010,VS0,VE48
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

code.jquery.com/jquery-3.6.0.js

151.101.194.137

200 OK

85 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
85 kB (84714 bytes)
Hash
2849239b95f5a9a2aea3f6ed9420bb88
af32f706407ab08f800c5e697cce92466e735847
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

HTTP Headers

GET /jquery-3.6.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sandboxclaim.web.app
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-46744"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
age: 6385903
x-served-by: cache-lga21935-LGA, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 117, 25529
x-timer: S1701186519.137163,VS0,VE0
vary: Accept-Encoding
content-length: 84714
X-Firefox-Spdy: h2

sandboxclaim.web.app/sandbox_files/bootstrap-datepicker.standalone.min.css

199.36.158.100

200 OK

1.8 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/bootstrap-datepicker.standalone.min.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (16088)
Size
1.8 kB (1842 bytes)
Hash
84c1ffd4a627956197d3757fb94c3eed
1504460356c567aa016003d905fd640115dda245
64888b36e7f774ca0ac03146104351b6e99670b7d5ee5b01b15de6fbde1b1dd8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/bootstrap-datepicker.standalone.min.css HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1842
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "65217e772987be728083eafcde325b4a0c0e369120c197951b9d8ae499f336df-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.061617,VS0,VE108
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/2.14-landend-base.css

199.36.158.100

200 OK

12 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/2.14-landend-base.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (44747)
Size
12 kB (11759 bytes)
Hash
598830b2b24067dd816773546ee2990c
b2979c8328ab50bcdc25e93f60ef030b214b7918
1a9478dc265e8889151ba37d3fa17b14d6bc5921d37c4b084179d0ede6ce9fee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/2.14-landend-base.css HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 11759
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "3fc767d25c10ac427e97c1ee3291ff7a74d74f5180242ea940783ddd5fc7448e-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.064423,VS0,VE108
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/css

199.36.158.100

200 OK

532 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text
Size
532 B (532 bytes)
Hash
6abc52b5c9f165ebafcbec1652ea266b
e0376c85528ffe1d9a36876c59b3351523bf3ead
d3ecb2e0d8c4a0a79cf06c09a5b9c5fba506713d5f267c9073bd318c4ce0512a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/css HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 532
cache-control: max-age=3600
content-encoding: br
etag: "d5eadabe0dcc82c08c7d5540f2102ac51877b436cbaa2f28eeb986d6c8710cf1-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: text/html; charset=UTF-8
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.062203,VS0,VE142
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/bootstrap-datepicker.en.min.js

199.36.158.100

200 OK

227 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/bootstrap-datepicker.en.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (497), with no line terminators
Size
227 B (227 bytes)
Hash
011a9b7c2ec2a6824e542dd74ac45694
ad87efd2879cd55581d8389ce4233646a6f5ae85
fb4b4b282db9c7841db44b614a95a41c12b0b8692d2b0c268308f8906c8bd82e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/bootstrap-datepicker.en.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 227
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "f4eb248c174d6f118dc7714bc972411cb6b5a11a6272df80907ac68325a18ab1-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.120038,VS0,VE87
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/install-code

199.36.158.100

200 OK

0 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/install-code
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/install-code HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 0
cache-control: max-age=3600
etag: "46b50c321b39e89a491b6727a01628c34245605a30beb3e7414c5e01cff90e6e"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: text/html; charset=UTF-8
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.074829,VS0,VE134
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/wow.min.js

199.36.158.100

200 OK

2.1 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/wow.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (7052)
Size
2.1 kB (2116 bytes)
Hash
5fa2e4b6acb5db11843b66b812040de3
13895175fe8fc3bb341af017a197ce8599e59451
36a88df037dc6c940450a9e251a34c9321d76d894d3d1734ee8cede45028d84c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/wow.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2116
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "85ffb24b18d791581dc216f2b78d60fbeaa2b5a06dcfbb2e0374fe2010123aaf-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.098700,VS0,VE124
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/jquery-1-9-1.min.js

199.36.158.100

200 OK

29 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/jquery-1-9-1.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (32089)
Size
29 kB (29403 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/jquery-1-9-1.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 29403
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "e6c52f309e3eb9d74564fa159a6eaeb339e303e092fe1631037200b90090da58-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115273,VS0,VE124
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/partner-map-lands.webp

199.36.158.100

200 OK

37 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/partner-map-lands.webp
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
37 kB (37119 bytes)
Hash
2079bb0456470423c0e6e9036d25e0fc
280f69700194af411a616375287ea2ae035581e5
357e2d121fe88d47670547cefacd1258468ac20f6a98247a1e8974c06b94e567

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/partner-map-lands.webp HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 37119
cache-control: max-age=3600
content-encoding: br
content-type: image/webp
etag: "ca91ce0c3c5692bfacc7448b4f047ef832f8532a89992d7fa06143aec9e1b837-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115295,VS0,VE129
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/iframe.js

199.36.158.100

200 OK

328 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/iframe.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text
Size
328 B (328 bytes)
Hash
08e7dba52efac01db56cdad46873950e
1f3aced06b904893f3c309fba03ef59cd48be993
5fe71fc75f373e0fd8bd01bd38d62c5d2f645cfa0c47e52349b78c93c451ebd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/iframe.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 328
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "8b95e0c10ff8403c925b87c4251c8356f0d55cc37117fbb94e23fefa810e5f83-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.120037,VS0,VE126
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/bootstrap-datepicker.min.js

199.36.158.100

200 OK

8.0 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/bootstrap-datepicker.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (29442)
Size
8.0 kB (8017 bytes)
Hash
56af4a1070c0bf5925f71c115c1138bc
d38e875cd7f79c752ca84407c35787a23045740d
6f39f3d788c70831d45519da1c119524a729001443d627ae292d750bf0d44c99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/bootstrap-datepicker.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 8017
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "de5531330ce49ad4ccf1bc386483e9b374cd0f996183639e2a5626c0d405dd7f-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.120045,VS0,VE129
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/webview.1.0.2.js

199.36.158.100

200 OK

619 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/webview.1.0.2.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (818)
Size
619 B (619 bytes)
Hash
1bc11b91f3b1e13804be25d2fd8c601d
22966b0c4dce0cfb3c09713df7a2263b1f8851af
82e87a7fa8439196d6a256c7108740bd6821f5c1e7adfe662cdcb15affee1508

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/webview.1.0.2.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 619
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "e42416d242780237f116a657f9a93457e9ad25e4ad2a29df1e6031ffe1e96d10-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115253,VS0,VE136
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/landend.bootstrap.min.js

199.36.158.100

200 OK

1.5 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/landend.bootstrap.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (4762)
Size
1.5 kB (1481 bytes)
Hash
caae3dfb363221461dc59ab8dca8497b
1f548f8e59a16f9493a1b858af53b910800210af
4583cd757370087234ad06c45153007d939ab1da7032cc329b5b4b55681d61c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/landend.bootstrap.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1481
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "b0dcb6659128f238369506196a131bcdba275c04c7bae73ba4870d0ae0705266-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115267,VS0,VE138
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/files.js

199.36.158.100

200 OK

330 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/files.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (784), with no line terminators
Size
330 B (330 bytes)
Hash
e48522cea4e18d818a7222d782aa9932
97c502a3d845ac1a1ca829bd8d898c4eb297e429
46bad547480f9d36f1fae5c9e78baa33c70341dbe827afca68a5202c2cb2f7f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/files.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 330
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "691048ca4f6c973f171f20deb66d595220c8dca56dca7d7961ce8c9aa967a2bc-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115239,VS0,VE141
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/t.js

199.36.158.100

200 OK

84 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/t.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (52447)
Size
84 kB (83658 bytes)
Hash
e5fd00de2b1d2d2fd4dabd8cb7974f66
59c578233ed27584730cd53087fc081240a5a6d0
97a1de5eb0706d021433ca7515b48ae1425c0cf089813ed13530588e5bceb2b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/t.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 83658
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "3d7651cd99985b2f2a6d35c975f80a4b622478fbdfdc1afd6c25b7335049d048-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.073121,VS0,VE188
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/g.js

199.36.158.100

200 OK

62 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/g.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (15071)
Size
62 kB (62217 bytes)
Hash
85937a435c8196ca4a045d4d1e0a64f4
5e2e34b6628cb3285901fae607b44fc87d9ba9ad
e8b6c82d5ebc6615385fec868f6a4dc5a64ab20591543bbe198090463fc1e577

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/g.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 62217
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "9c60ecd71f58986c1b1fbd6f39bff5ef7bdf5c0fcb58308883b0f309986fe080-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.120783,VS0,VE150
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/base.css

199.36.158.100

200 OK

13 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/base.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (12575 bytes)
Hash
fda4d0fe8ecdee07d9d8f6f7b449f30f
587aa70776535e24e98c49309b4bdf3448a61ae0
6a91b045b61a56c65db23ab12090cc60c43ad35eb0579eb28a0d5a3a52b43596

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/base.css HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 12575
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "4815f67a0dca2a8fe4fb3de90f7222928353e285790389467481fc742c1b828e-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.066075,VS0,VE221
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/js

199.36.158.100

200 OK

11 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3553)
Size
11 kB (10737 bytes)
Hash
c99254df31ba96cd597a37b65ced7baf
6b54f61075a52c98d4b18e36d0305861d0f49b9f
06f5a9ceeb82eb2e0e0bc4543eea03b61aed31eafe45f4844a3875a3b78b2732

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 10737
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "8b267dcbc8391dc1e5d52bf52f710237ff5b7722158b354da67bf477fa223d25-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.069970,VS0,VE227
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/analytics.js

199.36.158.100

200 OK

18 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/analytics.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (1325)
Size
18 kB (17975 bytes)
Hash
fda30e8a22c9bcd954fd8d0fadd0e77c
ae47cd34cbde081a48d7f92fc80aaf06a1381193
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/analytics.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 17975
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "cf4cb1035391c8fe37dcc3c32f5b9f73f6159a77f68ae2306fecc49e6aa377b3-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.070727,VS0,VE211
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/saved_resource

199.36.158.100

200 OK

17 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/saved_resource
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
PNG image data, 700 x 394, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16812 bytes)
Hash
d9fbed0106979c8b4b40f0b6ffb771bc
5ed5ee732332383269d578ffcf4a7cc3d6e1d117
38b66b800d1a15f52a06eb9aaa7d25293ed910af860b14a10dd59189688188d3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/saved_resource HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 16812
cache-control: max-age=3600
content-encoding: br
etag: "4859dbe76eb7c63d550e4783a8ee142a99e363b382b1a55bc496ac4849800dee-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: text/html; charset=UTF-8
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.107359,VS0,VE178
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/jquery.form.min.js

199.36.158.100

200 OK

5.7 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/jquery.form.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (16246)
Size
5.7 kB (5722 bytes)
Hash
9e3333ab37cbd7849dc647669aa0ca12
6f676b2df2717b03559df71c149ac55b9ddd74ad
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/jquery.form.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 5722
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "1af19928500e31e40f103c9856fb9db7ad7035b31c0291517f28e61b8f50cd6d-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115660,VS0,VE204
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/blinkloader.min.js

199.36.158.100

200 OK

3.0 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/blinkloader.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (539)
Size
3.0 kB (2999 bytes)
Hash
810637653b8b6681622cbbfa20307826
40d3c471af908bbfe4a9c7ed43a287df8ba9fb9c
46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/blinkloader.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2999
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "c3aacf38bedf80a701553f75d8954cc0ebcfa357121d8ec8758a96ad6e448f1b-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.075629,VS0,VE246
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/landend.min.js

199.36.158.100

200 OK

3.2 kB

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/landend.min.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (9393)
Size
3.2 kB (3208 bytes)
Hash
0247ac78ea1c88c321a4ad5b87ef70cd
bb61b23bef594927c7f4ed78dbcd935ddefdbd9e
960495014a6c7da1a533d57936ac92069271df616a84fe37c7f015b86f2c8087

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/landend.min.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 3208
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "479cd2d7ab85be95dd31c26b522c4344c077cf509c4bf9abea965563abedf5b1-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115626,VS0,VE226
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/polyfills.js

199.36.158.100

200 OK

214 kB

URL GET HTTP/3
sandboxclaim.web.app/polyfills.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
data
Size
214 kB (214355 bytes)
Hash
28d9b898a17e79c233c229cf44b0dc49
27d0904eb207055e32a0724befde625d47e326db
50e89d19f3645eac80878150e9fcb997e99bc7c296b330ebe87b46eae993b00a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 214355
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "4b7d5e70bce02f8ea2476fbc38da2639152e8868158c93f74fd3e129612f66d0-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.098704,VS0,VE245
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/The_Sandbox_Logotype_white.svg

199.36.158.100

200 OK

794 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/The_Sandbox_Logotype_white.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2505), with no line terminators
Size
794 B (794 bytes)
Hash
43380ae9bb626b80a410fb26fd308f72
9c00804c235baaa5c306029f39bf3f1b9503334d
b871bbdd383cbd7d274d41d269728db7e0d7e9a1ea551a8a4956b3d7b408a859

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/The_Sandbox_Logotype_white.svg HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 794
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "0cea6bae81ff050ffd7899118343deeb67662b6a07c4b27bbd11bfc5d507d65b-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.098656,VS0,VE252
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

s3-eu-west-1.amazonaws.com/landingi-ftp/script/wow/v2/animate.min.css

52.218.37.51

200 OK

63 kB

URL GET HTTP/1.1
s3-eu-west-1.amazonaws.com/landingi-ftp/script/wow/v2/animate.min.css
IP
52.218.37.51:443
ASN
#16509 AMAZON-02

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
FingerprintC9:E3:6A:76:8E:ED:67:6D:A1:F8:D3:4A:06:A4:67:99:6D:65:49:2E
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (61877)
Size
63 kB (63333 bytes)
Hash
413e85bb0fdc3d5983ac1d2f6e4c7d58
4bcdbd471f253d8d74855957a695abcd443e58c6
e189c08fb2fabd1f50882a2a6b7dd52da80c65a3a345ba34ebb42552dbc297e8

HTTP Headers

GET /landingi-ftp/script/wow/v2/animate.min.css HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5AJ+1le8gm7Zjw7U9hwOz9WKpqPAuWWBau8GDQsWKNB9YixSk9KbexI50GcAJY+11kqXH2uQOvM=
x-amz-request-id: 973T97X99JW58K7J
Date: Tue, 28 Nov 2023 15:48:40 GMT
Last-Modified: Wed, 22 Jul 2020 09:24:52 GMT
ETag: "413e85bb0fdc3d5983ac1d2f6e4c7d58"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 63333

sandboxclaim.web.app/sandbox_files/Montserrat_Extra_Weights.css

199.36.158.100

200 OK

164 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/Montserrat_Extra_Weights.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (580), with no line terminators
Size
164 B (164 bytes)
Hash
cd6cb12bf630fd8b25bfab85653f7afd
a217945629b32500b75622dbdb6e29805f9ada9c
a4763752dbb1cbd20ce73b743fa8d60fc2d30cfb6eded55c3b33c902584fbe83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/Montserrat_Extra_Weights.css HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 164
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "a78fc9a35ebadea23848fd9c46084bddf968cdae67c53fc006e9eb0b39fa6f0f-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.062791,VS0,VE299
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/sandbox_files/validation.js

199.36.158.100

200 OK

801 B

URL GET HTTP/3
sandboxclaim.web.app/sandbox_files/validation.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (2583), with no line terminators
Size
801 B (801 bytes)
Hash
04525baaa773e84bc814af97fe0a0798
6cfefd41a3d89af5307505878f13870ff2dcbc4c
222b64d1120f080670366757751a6e01b1a06c4e3b2f04c6fc21b0fd37b8007b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sandbox_files/validation.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 801
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "cc689a40b9c452bc89a69c80b1c467f9a3fa137796c24ff51e986017c8de608d-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.115627,VS0,VE265
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/webpack.js

199.36.158.100

200 OK

261 kB

URL GET HTTP/3
sandboxclaim.web.app/webpack.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (26309), with escape sequences
Size
261 kB (261285 bytes)
Hash
d3957122c69d973fc5500b59915ac6f2
d6da872695cb86b2e14e4e99b9325f7dabbe7892
0c0baa09a03412bf32dd5acaf0c62c332078efd942a307c751d6809e50507543

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /webpack.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 261285
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "45d82e91119e25cf1f5989f3c049de61ea895898d0715d1f67d5c7eedaf0c809-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.090489,VS0,VE295
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sandboxclaim.web.app/common.js

199.36.158.100

200 OK

1.0 MB

URL GET HTTP/3
sandboxclaim.web.app/common.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint91:91:14:02:FC:83:4D:86:C4:39:E9:2F:0A:4D:72:FC:05:07:86:F3
ValidityMon, 13 Nov 2023 20:32:12 GMT - Sun, 11 Feb 2024 20:32:11 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.0 MB (1008960 bytes)
Hash
70ca07e58613d65827cc86ff92168ff6
9e237484033a922a3c3f0d384e9c800b033b20f0
17ecfc3954581b5d75b425d3b8e11cf8d85d0da339a1cf3942cf3a6d9fde0f85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /common.js HTTP/1.1
Host: sandboxclaim.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1008960
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "208a31b5e31f29da301ccb8adbe8c84160c93292be43a2eaa774652c6820e74d-br"
last-modified: Tue, 06 Dec 2022 14:33:02 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 28 Nov 2023 15:48:39 GMT
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701186519.090540,VS0,VE329
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ucarecdn.com/libs/blinkloader/3.x/blinkloader.min.js

95.101.10.43

200 OK

3.4 kB

URL GET HTTP/2
ucarecdn.com/libs/blinkloader/3.x/blinkloader.min.js
IP
95.101.10.43:443
ASN
#20940 Akamai International B.V.

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerLet's Encrypt
Subjectcps3.ucarecdn.com
Fingerprint7A:34:28:F8:32:49:96:26:85:46:A8:B5:F4:76:95:81:37:8C:46:C5
ValidityMon, 13 Nov 2023 09:12:11 GMT - Sun, 11 Feb 2024 09:12:10 GMT

File type
ASCII text, with very long lines (539)
Size
3.4 kB (3371 bytes)
Hash
810637653b8b6681622cbbfa20307826
40d3c471af908bbfe4a9c7ed43a287df8ba9fb9c
46ef20c3bf16f3011c2c15cfd31558eedc534b0969264691d6ab0ca887f5303f

HTTP Headers

GET /libs/blinkloader/3.x/blinkloader.min.js HTTP/1.1
Host: ucarecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 3371
access-control-allow-methods: HEAD, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 14:31:31 GMT
server: Uploadcare
etag: W/"810637653b8b6681622cbbfa20307826"
cache-control: public, max-age=3285
date: Tue, 28 Nov 2023 15:48:39 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

tagmanager.landingi.io/account/f6252696-d5df-11e8-af02-02cbf204825c

54.230.111.100

200 OK

2 B

URL GET HTTP/2
tagmanager.landingi.io/account/f6252696-d5df-11e8-af02-02cbf204825c
IP
54.230.111.100:443
ASN
#16509 AMAZON-02

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerAmazon
Subjecttagmanager.landingi.io
Fingerprint5B:9F:64:DD:48:E3:78:C9:0E:C6:BE:33:49:0B:BC:92:13:A2:FA:2A
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
9d4568c009d203ab10e33ea9953a0264
dd29ecf524b030a65261e3059c48ab9e1ecb2585
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

HTTP Headers

GET /account/f6252696-d5df-11e8-af02-02cbf204825c HTTP/1.1
Host: tagmanager.landingi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sandboxclaim.web.app/
Origin: https://sandboxclaim.web.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
content-length: 2
date: Tue, 28 Nov 2023 13:50:26 GMT
x-amzn-requestid: 26d84038-9cc4-4512-9eb3-0210861e0692
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: PHJ1VHbEDoEEneA=
access-control-allow-methods: GET
x-amzn-trace-id: Root=1-6565f021-00ec5804348f292211d202ed
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: e2nSIeb6Eno7BZjgbGAynOsg_AQ_dQcQIOt-940zBOeUWiK4KCVdyg==
age: 7093
X-Firefox-Spdy: h2

t.sandbox.game/t.js?id=GTM-K5P9HVW

216.58.207.211

200 OK

130 kB

URL GET HTTP/2
t.sandbox.game/t.js?id=GTM-K5P9HVW
IP
216.58.207.211:443
ASN
#15169 GOOGLE

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectt.sandbox.game
FingerprintB9:BE:FD:13:13:57:49:C9:00:FC:8D:DF:74:73:97:E0:3E:A2:0A:EB
ValidityFri, 13 Oct 2023 05:08:29 GMT - Thu, 11 Jan 2024 05:56:39 GMT

File type
ASCII text, with very long lines (56183)
Size
130 kB (130306 bytes)
Hash
b0dec3709919957bde96dceb6d970110
7c7a4d6aa83934a5e730a9c8935c7e7fb0fc7aec
6e9e1a695f87fbe9c7a6f8c244e86c77230ad192a078ffd5e15eabadc1adb9f7

HTTP Headers

GET /t.js?id=GTM-K5P9HVW HTTP/1.1
Host: t.sandbox.game
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 15:48:39 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
last-modified: Tue, 28 Nov 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
x-xss-protection: 0
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2

s3-eu-west-1.amazonaws.com/landingi-editor-uploads/jJt57h9G/favicon.ico

52.218.37.51

200 OK

1.2 kB

URL GET HTTP/1.1
s3-eu-west-1.amazonaws.com/landingi-editor-uploads/jJt57h9G/favicon.ico
IP
52.218.37.51:443
ASN
#16509 AMAZON-02

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerAmazon
Subject*.s3-eu-west-1.amazonaws.com
FingerprintC9:E3:6A:76:8E:ED:67:6D:A1:F8:D3:4A:06:A4:67:99:6D:65:49:2E
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
930b8fcb8a41ba979aaa41236fd4636e
dbc87fa6593a9081b9fa1b2a04ed5861f2ef39c3
fef5a43514a3e447e3a1014c328dfba2392b326c854f70d29bf83b2a7fb8c748

HTTP Headers

GET /landingi-editor-uploads/jJt57h9G/favicon.ico HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: brBH+BAXssYKb/lzpIotQO0HDaxEpGjoOnLc3iR0klmLIkLejeYlKt0UK/lLAbptbB5NjgAz/CM=
x-amz-request-id: T17A737MENVNWB4Q
Date: Tue, 28 Nov 2023 15:48:41 GMT
Last-Modified: Fri, 22 Apr 2022 18:41:18 GMT
ETag: "930b8fcb8a41ba979aaa41236fd4636e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 1150

unpkg.com/web3modal@1.9.0/dist/index.js

104.16.126.175

200 OK

428 kB

URL GET HTTP/2
unpkg.com/web3modal@1.9.0/dist/index.js
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (42390)
Size
428 kB (428153 bytes)
Hash
e0c60891548d18f595484a212aac9bd7
b66eefc0f6f622aac0da81034d8ca596d3b4339e
67ad2454feca6eb213f4a70cc588137e6bd21ad95c0eda2709faa2317ff90359

HTTP Headers

GET /web3modal@1.9.0/dist/index.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 15:48:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"68879-tm7vwPb2IqrA2oEDTYylltO0M54"
via: 1.1 fly.io
fly-request-id: 01HFZW6SXTHBYD5040J8D4G3NP-arn
cf-cache-status: HIT
age: 383441
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d3c1a09e125689-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js

104.16.126.175

200 OK

1.1 MB

URL GET HTTP/2
unpkg.com/@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js
IP
104.16.126.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type

Size
1.1 MB (1062220 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /@walletconnect/web3-provider@1.2.1/dist/umd/index.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 28 Nov 2023 15:48:39 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"10354c-SQkpH4nf0Fs213c6eRJ65TZA0Lo"
via: 1.1 fly.io
fly-request-id: 01HFTQQV529Q03VN6BX5MQ4S99-arn
cf-cache-status: HIT
age: 555897
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82d3c1a09e165689-OSL
content-encoding: br
X-Firefox-Spdy: h2

bat.bing.com/bat.js

204.79.197.200

200 OK

46 kB

URL GET HTTP/2
bat.bing.com/bat.js
IP
204.79.197.200:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://sandboxclaim.web.app/
Certificate
IssuerMicrosoft Corporation
Subjectwww.bing.com
FingerprintA5:EC:34:1F:AB:B3:69:71:54:88:69:BA:64:CC:E2:9B:32:B6:65:CD
ValidityTue, 24 Oct 2023 07:42:22 GMT - Sun, 21 Apr 2024 07:42:22 GMT

File type

Size
46 kB (46104 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sandboxclaim.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13175
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ranges: bytes
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7EFE5262A0374D7095785E080026E67A Ref B: OSL30EDGE0514 Ref C: 2023-11-28T15:48:40Z
date: Tue, 28 Nov 2023 15:48:40 GMT
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations