| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hash: MD5 5c35a3180482afadf4e89f4cc249fa7b, SHA-1 8a088c184606fe3e4e0da8cd90b6eb5e6d30fb97, SHA-256 146fe131cf8436e3de4832a23b351400b4819dbd9b9716302248d3ab447f000c
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "146FE131CF8436E3DE4832A23B351400B4819DBD9B9716302248D3AB447F000C"
Last-Modified: Sat, 15 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5748
Expires: Sun, 16 Jun 2024 22:54:01 GMT
Date: Sun, 16 Jun 2024 21:18:13 GMT
Connection: keep-alive
|
|
| listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c | 188.114.96.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 listeamed.net/assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File type: gzip compressed data, max compression, from Unix
Hash: MD5 2c391341a7cdf4bb15a56966cad3b9b1, SHA-1 622d1fdb6db1a39ce3aa19d471fe319cd9475c41, SHA-256 f268219c8d06beaaf98f565ef805cd71785c0e63da29817189afb249d1fc146f
GET /assets/css/main.css?id=5fd3d01499b08b69f2032a864a46f45c HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 29 Jan 2024 14:24:15 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3582
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tkLsQvk63KL7m0f3y8ISHEgN%2FO4%2FOQhHsrcFLMwPSVy5A9XqTObSl1SdauHOnUvk2jimDTKUreomszuXgtQlv7EH3EZK%2FvWeIQBAFLvISVOVpdssQsn9BNHbLl3EDDEs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894dd4c9cf900b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/css/icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf | 188.114.96.1 | 200 OK | 112 kB |
URL: GET HTTP/3 listeamed.net/assets/css/icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File type: Web Open Font Format (Version 2), TrueType, length 112440, version 1.0
Size: 112 kB (112440 bytes)
Hash: MD5 31e1300d419245fd27614630601dc74d, SHA-1 3a284b0618771f29da8eb6be900e99439253dce0, SHA-256 c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
GET /assets/css/icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: font/woff2
content-length: 112440
last-modified: Fri, 26 Jan 2024 07:27:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFDjkOLXuukw63d7is14n92E6e5cjgPaJ3rDTxNSXhAws8Fm4F4zEnot8LcEdvB96a%2BZGjbI8YnNLUCcNElH8M9YwmpGfwBcB28aWpgSomm2jDuCiPC6jCjc1jv%2FtPLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894dd4cb995e0b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 | 216.58.207.227 | 200 OK | 30 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 | IP: 216.58.207.227:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: AF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4 | Validity: Mon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 30240, version 1.0
Hash: MD5 2a51724cb1aefe32e3183a8e138189cc, SHA-1 c8f36c7eee7c868b5cba392e353d47180643f5f1, SHA-256 964dfe7c512a6166c71c6c9791d84a9ce38c192f66e596dbc507114024a5c431
GET /s/heebo/v26/NGS6v5_NC0k9P9H2TbE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://listeamed.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30240
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 04:48:21 GMT
expires: Sat, 14 Jun 2025 04:48:21 GMT
cache-control: public, max-age=31536000
age: 232193
last-modified: Wed, 31 Jan 2024 23:13:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ | 188.114.96.1 | 200 OK | 32 kB |
URL: [User Request] GET HTTP/2 listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ | IP: 188.114.96.1:443
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: MD5 962f2b6a5825fc7da2ac2970c74c8431, SHA-1 d04af513cbd4d99482300acdd3c8cc7515c2c94d, SHA-256 6e4958413c1dd3d3adb78857b65baf89b7255fd281d5849d8b0f3e4b5d390789
GET /d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 16 Jun 2024 21:18:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yl%2FdoGhPsoU%2Fsu56fM9LoDst88W2hc0jIZYyLJcyH2snafgbj6uDTs5dVQE8AZqqqIvx4nSArRPoto611Vkf8bMVULZMNL8VjL76xx%2FLGURIhsFfZihUa4ujKi1L0uJx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894dd4c62b390b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a | 188.114.96.1 | 200 OK | 23 kB |
URL: GET HTTP/3 listeamed.net/assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File type: gzip compressed data, max compression, from Unix
Hash: MD5 86d06ee48d51afdac3c48c4014f7cfdf, SHA-1 608036f33bfab505570faca08c776bb0ef524fe0, SHA-256 bca3de9f09592ad384c10c4d90f20e65f59ade3063570a49bd89449ef412dfd3
GET /assets/js/captcha.js?id=36fa16859e54f7f19c7f5130212da67a HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 24 May 2024 00:26:52 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDJRc3pCSGiIE2f4mAN1UGaeFlcSW4olIl73rdNfs4PwRulWimzfCqSDEU1GDhySQGQ32AW%2FaXdNa6Ed1yo%2F8lqy7udkrOTbbIi5nWQnQL2xjlA5i7LReYETzxOvneUW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894dd4c9df910b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| oaphoace.net/401/6424058 | 139.45.197.239 | 200 OK | 40 kB |
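IP: 139.45.197.239:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Let's Encrypt | Subject: oaphoace.net | Fingerprint: 5A:77:51:1A:03:0F:F3:58:DD:3F:3C:DA:AA:4A:F9:55:B5:FD:E6:C4 | Validity: Tue, 09 Apr 2024 21:43:25 GMT - Mon, 08 Jul 2024 21:43:24 GMT
File type: gzip compressed data, max speed, from Unix
Hash: MD5 c6a2908b25084d57eeadc71cc42f1195, SHA-1 40dd3fdbaa6f01aaa169fe8746db20cfb1e63d36, SHA-256 05a19c1f65136620aae91f6501bc9fad8fe8a2ae49bee9cf579539c222e9056b
[Note: the file type identifies the gzip-encoded body, so these digests presumably cover the compressed bytes as transferred rather than the decoded script; confirm before matching them against a decoded sample.]
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed [domain-level DNS verdict for oaphoace.net; it does not by itself classify the response body]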
GET /401/6424058 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: application/javascript
x-trace-id: f2d704ab9336e15acc0ea9bf35c007ab
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03007d3e69ac4b71e0f2531699b0b984; expires=Mon, 16 Jun 2025 21:18:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 | 188.114.96.1 | 200 OK | 89 kB |
URL: GET HTTP/3 listeamed.net/assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Hash: MD5 91f7cf4a3d3f0660b4e3914e5ac9298a, SHA-1 6e12e1ebcd983f848e5c280ab77649eeb44e74bc, SHA-256 f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
GET /assets/css/icons/bootstrap-icons.css?id=4ae28873f5f5353c4c8d8aa129590f85 HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbsthuNtFmA4gz5SeVy1fNd8iW2PejfARFQb4J%2FhZWEgRk2ibobjWOQiSDwa0Ll1vu6ym07zV089bRHV3GCSJ9y%2BX8mYUykyMSaLNzIQAemzJqeaJyu970e8P06DqbL2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894dd4c9cf8f0b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe | 188.114.96.1 | 200 OK | 10 kB |
URL: GET HTTP/3 listeamed.net/assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File type: JavaScript source, ASCII text, with very long lines (9963), with no line terminators
Hash: MD5 f878b21aed165b31c6c916e07c8c2a75, SHA-1 0f811605469ddb24d176041ba9d312deaad47ad9, SHA-256 cd8d96ba48a2cdd24f969b3b0341953d7f3ab75074c25f3a4e35becc92efe662
GET /assets/js/download.js?id=dfdfbd13d065f705584068443d56ccfe HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 24 May 2024 00:26:55 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsT%2F8ePVOn61wsmsmU%2BOFK%2FIDcDejGmIRpCoMXlhNB7bZHETs5vz%2BjjIPZt8q%2BxtVAGf0%2Bhd2Jef9JUVq1o8iYIE4a2Ne%2BvkpmzPtrS8KNOFNX7TmJH2AK4v3%2Bu2cvLu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894dd4c9df940b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| heardaccumulatebeans.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js | 192.243.59.20 | 200 OK | 84 kB |
URL: GET HTTP/1.1 heardaccumulatebeans.com/51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js | IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Let's Encrypt | Subject: heardaccumulatebeans.com | Fingerprint: EA:CF:FA:DC:D7:02:67:CB:90:0D:7E:97:A5:4F:5A:F3:1E:33:3A:8E | Validity: Fri, 24 May 2024 09:02:21 GMT - Thu, 22 Aug 2024 09:02:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 4b7a950789d548284cbaa4991d744727, SHA-1 96d307d42a8a52622ca0eef2c30e6cf494416e2a, SHA-256 d541e97bc4230335448671ff1c06c4e8ea44d4b1072029e44a0d5d3ac53e4036
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed [domain-level DNS verdict for heardaccumulatebeans.com; it does not by itself classify the response body]
GET /51/1a/5b/511a5b14f9f9525cf33f9e93d660853b.js HTTP/1.1
Host: heardaccumulatebeans.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Jun 2024 21:18:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 178a1d0363f2a2da9eb1903bb07d5946
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap | 142.250.74.106 | 200 OK | 43 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap | IP: 142.250.74.106:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: F2:70:F4:02:94:58:08:9B:B8:DA:5D:47:F4:4D:59:66:71:5E:34:8E | Validity: Mon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT
File type: ASCII text, with very long lines (1572)
Hash: MD5 3e32afaeab15a05db2c05ffbc64301d4, SHA-1 16263be6088f307dacc812b4db01f4e5be4cf122, SHA-256 659fcc80b9999153ced6cbc81530b538d814fb0a4a4029f3d0576744dc445184
GET /css2?family=Fira+Sans:wght@300;400;500;600;700;800;900&family=Heebo:wght@300;400;500;600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Jun 2024 21:18:14 GMT
date: Sun, 16 Jun 2024 21:18:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a | 188.114.96.1 | 200 OK | 195 kB |
URL: GET HTTP/3 listeamed.net/assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
Size: 195 kB (194901 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
[Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the 194901-byte body was evidently not hashed; they do not identify this file and should not be used as indicators for it.]
GET /assets/css/bootstrap.min.css?id=cb4551534d3284d048285a8c45fa269a HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 26 Jan 2024 07:31:58 GMT
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 3582
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fl0527tPlg3wbv0HxpUSAl5EwtGLqTdHhARt5yKE8fHjDcpWzmdOPv6hLK2dtQUSshZBIkFUOSBj1g1Cr8epJrzjmVWxURZdBOdB0ZFSNJZrNF0klcwso4tsl0k2u%2BQr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894dd4c9cf8d0b41-OSL
alt-svc: h3=":443"; ma=86400
|
|
| listeamed.net/assets/img/favicon.ico | 188.114.96.1 | 200 OK | 15 kB |
URL: GET HTTP/3 listeamed.net/assets/img/favicon.ico | IP: 188.114.96.1:443
Requested by: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Certificate | Issuer: Google Trust Services LLC | Subject: listeamed.net | Fingerprint: D5:AE:F2:D1:CC:8E:63:47:EC:73:FF:C6:6B:32:FA:C9:0F:27:8E:C1 | Validity: Mon, 22 Apr 2024 08:48:48 GMT - Sun, 21 Jul 2024 08:48:47 GMT
File type: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: MD5 7d9d17baaa54ab2b59859173c38f1a57, SHA-1 f383ac7a911d949ea75ebd07d8d95d5b231e9ea6, SHA-256 86fc3c09c4aec36ca788eabfda604e48d1ee61feb43a16371afab31f0cd2b48f
GET /assets/img/favicon.ico HTTP/1.1
Host: listeamed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://listeamed.net/d/edVqE4WMM8xYWmQ?referer=https://listeamed.net/e/edVqE4WMM8xYWmQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 16 Jun 2024 21:18:15 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 26 Jan 2024 07:33:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TvRnIkJfIUe%2FvV0OnfawKU7EEf2t17zNkh86sgIrzmFeWUZpzNlGDwkQ%2FT927D%2F9osiBfynk6SdgeOzHWGtkkmwazfk2USXEr6EI5Ogr%2BKzEk6ZpMDUFxE8OHOw4KqtT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894dd4d218190b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|