Report - www.google.ae/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==

Report Overview

Visited public
2024-10-29 17:59:07
Tags
Submit Tags
URL
www.google.ae/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==
Finishing URL
astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
IP / ASN
142.250.74.163
#15169 GOOGLE
Title

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.ae	23447	unknown	2012-05-22	2024-10-28	1.7 kB	2.5 kB	142.250.74.99
unclecosmosattic.com	unknown	2016-11-19	2024-10-29	2024-10-29	447 B	291 B	143.95.237.27
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-10-23	445 B	15 kB	104.17.24.14
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2024-10-23	5.1 kB	226 kB	104.18.94.41
code.jquery.com	634	2005-12-10	2012-05-21	2024-10-23	417 B	32 kB	151.101.2.137
astronomy.radjobsoc.com	unknown	2024-09-20	2024-10-15	2024-10-29	1.7 kB	22 kB	104.21.8.164

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-29	medium	radjobsoc.com	Sinkholed
2024-10-29	medium	radjobsoc.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (49)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da50e2f09c06a69&lang=auto	ScriptElement	122 kB	2024-10-29	2024-10-29
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da50e2f09c06a69&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash ccdb3bd9cd9fe1b978afa5e2083efb9c ff53b008d420f8310a1c33d7a02c3d79931e68ce 8e19c6fcebbecac34c76594259539d6550d4289aacd7467c28ad6a530e3ace6c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/	ScriptElement	3.5 kB	2024-10-29	2024-10-29
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash e2deac8ad7155af26e2fbe9bea0fb212 5bc9c987940af22a6b9e5a6bde1505f0366d347e 1164a6b65d91e1fa614dfede41d9af7120c7786bfb0e79ecd745c2521dd358b3 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	ScriptElement	48 kB	2023-03-07	2025-07-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31 Last Seen2025-07-16 07:18 Times Seen117237 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?render=explicit	ScriptElement	48 kB	2024-10-21	2024-10-30
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-21 11:26 Last Seen2024-10-30 13:36 Times Seen2700 Hash 808a57cae0b6fee71f46efdded44b348 dd570a24c8bda1b391aa1ddea6004125818e579a 5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f Loading...

	code.jquery.com/jquery-3.6.0.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 07:18 Times Seen244718 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unknown	ScriptElement	1.4 kB	2024-10-29	2024-10-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash a37ebbafde73a166054944fdc9d4a79a c02861365341ab1c220f7eaa165a456d60c22178 e00fad27d006bbdfdd6408a163385deececdec424e6eb03031c9e0fdd60b1ddb Loading...

	astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com	ScriptElement	18 kB	2024-10-29	2024-10-29
Pretty URL astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash c81363b81475d59cf089aa9e48e9932d 35c3b1a89d9ff1b160c9b3c245eb3922b29ff7cf 08564e08adbf73eb31c2a789df5e15f25db5fde85e886752eee25e06c0b2b9c2 Loading...

	unknown	ScriptElement	190 B	2024-10-04	2024-11-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-04 00:30 Last Seen2024-11-17 07:30 Times Seen1374 Hash 996895bb9e2f1fbaa2b6f7fcaa42606f 9490d23d3608eaad635e7fc6c37d47bdbe703edb 1cde1f1ca57dabf8053813d2d9ce9ead9ab7d0182feae260d57fd491d2cfe556 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8e1a2627c1f75090cbad70c0fb11bfd6	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 8e1a2627c1f75090cbad70c0fb11bfd6 35a181d26e936bad2252f0828cb1b1f3da1f6a43 d6bae1b743d5b25f4c8f2df18cc03a6ab9858b1d157ba107454d5ab0844319a1 Loading...

	#2 Eval - 6cf05f3f656bdec2374280c79e2be903	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 6cf05f3f656bdec2374280c79e2be903 9667ae49e419816736ff762bdd4d4ed6bc30197f 197722652da6ce557b581e15b2b82d65fdff8af5b07d724b6c8386780bfec73c Loading...

	#3 Eval - f01eb46aef963f068dc59bc05dc0f87a	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash f01eb46aef963f068dc59bc05dc0f87a 11236ef088229527ae4cc9c41a7f156026fbea4b a8a268d3fb344fcf958e5a6391501b1e87bd5e64da1c1246b9b63f44529e9f9e Loading...

	#4 Eval - 035a494c4ffa836d312f18b072610c63	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 035a494c4ffa836d312f18b072610c63 980c38d9ce9b380f33b3583ae38a23a64b4780b7 95dd82932777bef723b21260938cf082466b7af4a27fd7910c3d6a443ff147fb Loading...

	#5 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-07-16 07:23
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 07:23 Times Seen417289 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#6 Eval - 90abb72089cdbfe769d56da09fe212a2	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 90abb72089cdbfe769d56da09fe212a2 934b020dc9aaf0c6daf7411a4755ea73cdf8fb3f 1967e978ea7a1ec8c8169852863bfc1d5c865c0ee43b046790d11eb277480555 Loading...

	#7 Eval - 10b23b1ec07be061978f6ad148ef14eb	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 10b23b1ec07be061978f6ad148ef14eb 6f71a9c4241189c4c59be0e55179e0f735fe8737 ae2912d3dea10d928b78dabbb5ad6a57dbd0ce88da2f602db863f34a5a1bfdbb Loading...

	#8 Eval - 06e04e17f4f17101ec0f4a6c5569a81b	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 06e04e17f4f17101ec0f4a6c5569a81b b53756239f1e6a086f8775775affda9570aeaacc e93541e16b2ad53c94947d43e55301723643aa3688bf5a14b29b7d360e2d58c6 Loading...

	#9 Eval - 5548589c12a03d0cce744ef54eda05cc	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 5548589c12a03d0cce744ef54eda05cc 24c0667d924ff2acdaa4337c9f23724bc89e6c8b d59a4ffc83dcc8858a17e3f31539d579cd2bfc41cd6f6eb26c1875da02769afa Loading...

	#10 Eval - e269aa744417226a6ca912d1c76e4553	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash e269aa744417226a6ca912d1c76e4553 328cd5ec7f5f9d1ca68c338dfc0a3853a772c2bc e1a41bbcbf7d4f8fe23b2a78f40995e14ffa26a39bdf87fc3c3d2927fe1b9258 Loading...

	#11 Eval - f6e29dbc45e94c3221da5fa99b61f466	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash f6e29dbc45e94c3221da5fa99b61f466 82e21eb87adc8f9c46ff0d719c4e795da64e7b1d db3f0b63de3f0dbc0ba86e6c661d62b29844596fe5d89cfc1dfe69326f3ca6a4 Loading...

	#12 Eval - 6bf714dc3372b76e25a9e8d1b0cfd967	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 6bf714dc3372b76e25a9e8d1b0cfd967 c2c363b7a8ead7d25b308bf46b8787222a17840b f2ed3e67ee995694e589a66533dd00c56c174d7ed10ddc2abcdf35c361f56da4 Loading...

	#13 Eval - 9f6d2861f4050aed7e96d425a2c2b8d4	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 9f6d2861f4050aed7e96d425a2c2b8d4 fe29c445cd5cd155264c554bde45be796b4da89c e7e054e71d3bbefcd9671e256c012b90211a575a514b14fc3a000619b5d351f3 Loading...

	#14 Eval - bc459999934f1d205de725bc2520632d	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash bc459999934f1d205de725bc2520632d b4a120d0b67256f4d00762637ed8a17967c17804 338a86c8fec40fe418cb1a52eb69ad57720c3a5ed208199d62d831500054a268 Loading...

	#15 Eval - f6438a0d96b2403fb8ceb2c3bf537cca	60 B	2024-10-21 12:11	2024-10-30 13:36
Pretty Observations First Seen2024-10-21 12:11 Last Seen2024-10-30 13:36 Times Seen2602 Hash f6438a0d96b2403fb8ceb2c3bf537cca 6b3b8ae9fbdea3035dffbe255620feb49840d79e 562d5b52e7b08b28e5cc4ad458b20b40eccead6b484e5d640899e2fcae32083a Loading...

	#16 Eval - 51c74527df42e9239b75c053ac094905	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 51c74527df42e9239b75c053ac094905 4f194d5825c3fe4b5f7c98f56901abc5dbd79242 9cea0530290313cb1b9d0ac3e059336f335a37b55fa0f4929b4415f2a9151f55 Loading...

	#17 Eval - 39eb98ce60491f7afddf301c11a5a7aa	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 39eb98ce60491f7afddf301c11a5a7aa 4fb75378c789be092bf56cfa94e21a636b0df596 4467e44399b51a2549cc90dc5c48105b4c9f1d1f3a1baa784cb7499a1d1f27a5 Loading...

	#18 Eval - f0c7a57107842f23e0ccbdcc137c1979	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash f0c7a57107842f23e0ccbdcc137c1979 e57929007c545960bf0c4e28f2f5c7bed06d54a1 5740c71e3a43999a3afea992ed51371b7eda58563db0dd28d35bebcbeccfb3db Loading...

	#19 Eval - dc224770da5fe11fa1727903f1ce7d9d	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash dc224770da5fe11fa1727903f1ce7d9d 93964631483207d2b4dc02653ae2074887c00c2d 894900029a51335326fc878b7bdfcba6b1c80de062407e203322944c01ec5e4b Loading...

	#20 Eval - 197361dd70cbdeab98054a2fbe694522	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 197361dd70cbdeab98054a2fbe694522 5f3569dc187347c29b70b5dff89206fb50d2eb2d 6c4adcf097e8dce1568df45e0e345ad0d21dc0de6d9486ee71a089897a71c88d Loading...

	#21 Eval - 75b2e9bb4d8db27bc018c27126f88998	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 75b2e9bb4d8db27bc018c27126f88998 aa9046745f14d5deae93a578ca9a7ddec55edaaa a7d8cc0bed737ecccec092a3d30960329f3e823e49aa88b6c1baa83d6a2e669f Loading...

	#22 Eval - a35e0e6bcfbe6174690328a0f790c0ab	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash a35e0e6bcfbe6174690328a0f790c0ab bde30eb41ee8d2487e424df9fff6176ef628b133 89ab68e55d89dccd555d3cc9b34234de11eea417dfabbdf335bf328eebbc49a3 Loading...

	#23 Eval - c6c8c734b200af60669bb5101dfcdf83	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash c6c8c734b200af60669bb5101dfcdf83 a0166af68e9e7b0e1c66ea665985b1569af05885 7c1163ecf102579e210a5efc6447ea8c4751c0de9f4235fe4e18799c89fd4bc5 Loading...

	#24 Eval - ba3d2d656094ed2f7c88a0351fd6e621	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash ba3d2d656094ed2f7c88a0351fd6e621 7ce7d76ecdae309c01c00adf482a3db7ef41ead7 8eb9e69dec10b324112ed2702523822a68d564f2da32044e94a0e7f9eadcd9d3 Loading...

	#25 Eval - 77b8aba4a67a5655b955f4a2ddc33f17	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 77b8aba4a67a5655b955f4a2ddc33f17 6e5712ea21e2248dd1a76b6fcbe8b7dc8801ae72 08bb934b3d9bf2a5679f4f98510d3df0619ff2c2cb38dac55420a3102d8d83dc Loading...

	#26 Eval - c11e6c4f097fb58185865f4ab901fa7b	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash c11e6c4f097fb58185865f4ab901fa7b 1610551d19ff2565ad1943444624ddfebe2667f8 0be2471212ab6f857cedb119dded69b1c662a71c64bc13896bdc37d93f207975 Loading...

	#27 Eval - 9839edb9335e8958d378638f853e1e5a	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 9839edb9335e8958d378638f853e1e5a edfb8481263db1d0a13b286cbde0c4c1f3db42dc 29e0245a77eb34847ef0eff74689ca06d8508892f2a6c195560bd1fcaec214e6 Loading...

	#28 Eval - f07d87f0861ffeb809d24afec6e53982	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash f07d87f0861ffeb809d24afec6e53982 1f3583b845f801b4935b88be9dae7df4f18a66a7 fb489afa23b8fe821170e7da2cbfd463a14eb42ba5b27b113304e76559c9bde1 Loading...

	#29 Eval - 165a818a1b298f8a1571750d886b0618	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 165a818a1b298f8a1571750d886b0618 e65d2334b4db111e3496605ec911f79c6abf2e4e 56003b21380aeba13309d33adf5f38ee0d4a71012ab510e54f8934ce11f87a7e Loading...

	#30 Eval - f1b32b527b7ef0cc66d8d7299fd19290	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash f1b32b527b7ef0cc66d8d7299fd19290 a5cf0b200a0613a7635c54ecae4d64c6779fd7a5 be54007c0c79f280de9022610fe2c2d9a68c9461151632bfc42600adae0cb856 Loading...

	#31 Eval - 977d4ddfef9a71c9b976c347c9315aa9	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 977d4ddfef9a71c9b976c347c9315aa9 99acb93e6582ac46090084316d17a5683da3ce86 011510bcedc50fbeb19e00ef0aedc11c17fcfa8d74a0b3929a82f179df50a2cd Loading...

	#32 Eval - 22e578157a1024639739b859f5501c9b	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 22e578157a1024639739b859f5501c9b 5c13fd6ae245c52dae632033f6cf6e9633d7341d 7427415e955af4b9114cda33daafd1d1b6eced7380ae6c0c9ddd988297555195 Loading...

	#33 Eval - 91f643a24414aebf3c0241d5f0cefd9a	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 91f643a24414aebf3c0241d5f0cefd9a 169365a1b1ae52fca139516e6b66d431b42833b4 e21274159e39c939aa25e94d6ca4436160d249fcdb11c246b9285f7db7b01e0c Loading...

	#34 Eval - 0ec3f2ce35978ea4632ced3491cda32a	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 0ec3f2ce35978ea4632ced3491cda32a b771a722cbec334ace939835825752911356e10f 62d7859aa7a9f9a3335ace710f8d42529615527f1beff413b915cc8db206b6f9 Loading...

	#35 Eval - df1c1f811722feba0198d1298ed5c52b	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash df1c1f811722feba0198d1298ed5c52b 3581e88084bfc00b21912017853755cf95b1171b 12d7bdbb2bebd79cecd3c4ad632b6648f7e05b24ed6d8b3bd4030112f1c2e2db Loading...

	#36 Eval - 544a43cef39cdc3fde789ec4a8f1bf82	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 544a43cef39cdc3fde789ec4a8f1bf82 9d242e303c8f4f2ae0028c872b3d2c379d849e01 ba6b7ce921fe5fb02d28c3b303be059aca1ae00a56d02354e0cb42943fb5392d Loading...

	#37 Eval - c7306b37e8bf40afda983302c0e550e0	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash c7306b37e8bf40afda983302c0e550e0 b6de618dbaafc4b9550ded115e070fbc41b08763 82ef28f3eaa96d43300a0f9d7ea994e4f768215ab543c2e37453d9d38f5714b7 Loading...

	#38 Eval - ebe02a4fbaa7efd129667fe6614a6d0c	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash ebe02a4fbaa7efd129667fe6614a6d0c d0de77296e056041064911dfcdff52ce3f739558 633f4b04af593d1416fc48ce7424c47a1e235e347f5201cbbee5794814570476 Loading...

	#39 Eval - fc44070f3f68a788f1eba15aa7ccb388	28 B	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash fc44070f3f68a788f1eba15aa7ccb388 794e8a02dd92b925ec5f0fb970a9c0dfaaa06432 df343966a24e2d9451a7d0d1ef39a12ce0d3335ed7ab227eb773ed1008ddfd15 Loading...

	#40 Eval - 61fa153f2827c887a48a351ae3c6cfd3	8 B	2023-03-07 01:03	2025-07-16 00:36
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-16 00:36 Times Seen17500 Hash 61fa153f2827c887a48a351ae3c6cfd3 5fbd02245cf700ea94d638c8d76924ecca52d330 4c44d7c28ec0f6ca3e2624c6af1d3be324576d01ef6f6c2dc0af7e61664b8c2c Loading...

		Size	First Seen	Last Seen
	#1 Write - 83f9d9c0d8e385803075403686d7aac0	5.1 kB	2024-10-29 17:59	2024-10-29 17:59
Pretty Observations First Seen2024-10-29 17:59 Last Seen2024-10-29 17:59 Times Seen1 Hash 83f9d9c0d8e385803075403686d7aac0 c9da5063100d90afcd5e882763899fd8ef6fc070 eb4ce04c9db0474984dcc8f2c94559a606744bad0a1ec474f0ac87e35dee35e9 Loading...

HTTP Transactions (15)

URL IP Response Size

www.google.ae/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==

142.250.74.99

302 Found

300 B

URL
www.google.ae/url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
300 B (300 bytes)
Hash
220b6598aaa9e62d31a7951baf0f78c1
79274259d78da9b63fa5879de5c4ad225c691eb9
d5377d7392d5bda783af6202d19cd6535a644c576301855d92ceb1c6b56de66b

HTTP Headers

GET /url?q=38pQvvq6xRyj7Y00xDjnlx9kIHOSozurMOiaAkImPuQJnOIWtJjqJLi6stjtDz3yh&rct=tTPSrMOiaAkImPuQJnOIWtJjqJLi6stjtFX08pQvvq6xRyj7Y00xDjnlx9kIjusucT&sa=t&url=amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ== HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://www.google.ae/amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==
cache-control: private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-eg9FolFr3FfamZhr6Qc90w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Tue, 29 Oct 2024 17:58:42 GMT
server: gws
content-length: 300
x-xss-protection: 0
set-cookie: __Secure-ENID=23.SE=eSxTTZBNM_A2KyJAmwraGBwxbXkhZHR8MsXW5VYng1g8ZP0uCt-zXlvv-KYFqOB5EWR7wsZJACmQQgTlyLTZFgzzDoRTMRt0cHJQ1BbB0JpfEWnbZY8Lc1kU2PJpvRx40uk1nXwrWtQFx8hLG8APm1XEBYDijOkoOCl7VrOtE5KxaX0_Hf3mvV9s_txKqu5nOxmDr2B1oFy173VmfppjB8dSOu8uRplUT7LeR9M; expires=Sat, 29-Nov-2025 10:16:59 GMT; path=/; domain=.google.ae; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.ae/amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==

142.250.74.99

302 Found

281 B

URL
www.google.ae/amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
281 B (281 bytes)
Hash
71f83732d506bc8a6db6b1eaef051fd7
1384dfa2a6e7776311b0b76aedcb8f666cb341c1
41b1cb544e2692bb1b4537343b87c9dfc5e27a30f4bf84e738d26ddd97d89c09

HTTP Headers

GET /amp/unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ== HTTP/1.1
Host: www.google.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg; __Secure-ENID=23.SE=eSxTTZBNM_A2KyJAmwraGBwxbXkhZHR8MsXW5VYng1g8ZP0uCt-zXlvv-KYFqOB5EWR7wsZJACmQQgTlyLTZFgzzDoRTMRt0cHJQ1BbB0JpfEWnbZY8Lc1kU2PJpvRx40uk1nXwrWtQFx8hLG8APm1XEBYDijOkoOCl7VrOtE5KxaX0_Hf3mvV9s_txKqu5nOxmDr2B1oFy173VmfppjB8dSOu8uRplUT7LeR9M
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
location: http://unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==
cache-control: private
x-robots-tag: noindex
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-TlNoD-sHaK9I1NnEfUshEw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
date: Tue, 29 Oct 2024 17:58:42 GMT
server: gws
content-length: 281
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==

143.95.237.27

200 OK

0 B

URL
unclecosmosattic.com/4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ==
IP
143.95.237.27:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /4d2e848d/3710351157/eXVuYS5tYXJ0aW5AY2hlY2ttYXJ4LmNvbQ== HTTP/1.1
Host: unclecosmosattic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Oct 2024 17:58:42 GMT
Server: Apache
refresh: 0;url=https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

GET cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

14 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
FingerprintE6:47:BB:06:9C:32:48:7E:A6:0A:4B:62:53:7B:F0:35:5D:A9:A3:8A
ValiditySat, 28 Sep 2024 05:35:05 GMT - Fri, 27 Dec 2024 05:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2ca03ad87885ab983541092b87adb299
1a17f60bf776a8c468a185c1e8e985c41a50dc27
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://astronomy.radjobsoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Oct 2024 17:58:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 426796
expires: Sun, 19 Oct 2025 17:58:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kigKAAFAmG5JQqEQDtTtEPNBFx1a6SS%2FX2OaWBIMJzvsUTX5o7E1SjPLfvoOupRAr3%2BeeUopuX5qfsb8%2BULJRLwQA2242oga9AV2FdqVy78%2BYvk0qo9yUrlZgyvdHBKFmz0bVM0J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8da50e2d3c0aca5c-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

104.18.94.41

302 Found

0 B

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://astronomy.radjobsoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 29 Oct 2024 17:58:44 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
location: /turnstile/v0/g/f2bbd6738e15/api.js
vary: Accept-Encoding
server: cloudflare
cf-ray: 8da50e2d4ca46a61-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://astronomy.radjobsoc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Oct 2024 17:58:44 GMT
age: 1241610
x-served-by: cache-lga21931-LGA, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 71, 386335
x-timer: S1730224724.065455,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1

104.18.94.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 17:58:44 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 8da50e2fca386a69-HAM
alt-svc: h3=":443"; ma=86400

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8da50e2f09c06a69/1730224724740/8eaf165c480d566e8ea2c97af601d21350fde0d07272e975661590af352aed6f/wTHG_NYuw9tv_cn

104.18.94.41

401 Unauthorized

1 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/8da50e2f09c06a69/1730224724740/8eaf165c480d566e8ea2c97af601d21350fde0d07272e975661590af352aed6f/wTHG_NYuw9tv_cn
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
ff44570aca8241914870afbc310cdb85
58668e7669fd564d99db5d581fcdb6a5618440b5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/8da50e2f09c06a69/1730224724740/8eaf165c480d566e8ea2c97af601d21350fde0d07272e975661590af352aed6f/wTHG_NYuw9tv_cn HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 401 Unauthorized
date: Tue, 29 Oct 2024 17:58:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 1
www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gjq8WXEgNVm6Oosl69gHSE1D94NBycul1ZhWQrzUq7W8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAscjm_UO_k901rNdCKgLw5bvI4i6M_jDNCIXpfs2LRbtxwLOrUyplqVvML_hVlB5tIDMuj0ihhaOFHose-Y0_UjQnNUGE_vol46VvGgscTMtTjU4xINriap8AMTIygvljEBt6my-nBwkUGhY3U9v5iKC-eWR5bTfvrqFsuIVxafkSfhHqDXB4KLGNjvOOV71GGJ9x4yxA-C2OcULZ1uDDKuvAaMhuiWdF6OzSTXruP9yPg1vmuteavOW1re0YDbCbtK16PhHdSzWym7v_FrvId-2zf26j50FlTd_vl_DcKNDVCgWDoU0uX3cU6V3rSQoVXREEqPr-2ywSGru8ZuXRoQIDAQAB", max-age=20, PrivateToken challenge="AAIAHXNhdC5wYXQtaXNzdWVyLmNsb3VkZmxhcmUuY29tII6vFlxIDVZujqLJevYB0hNQ_eDQcnLpdWYVkK81Ku1vABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsLS4HBnLGydwK-bLQGRCaoyMsrXBRrDgQVmxS06j3UF0nYSd6GdTGCKIu1WV60eg-tJtTttfEVq7wHVQf4vzjYBidmCh88ebzxKv2GB6PESSodf5MsEup9xd5dxpkYScgL1CCJq89kRrOQ_CS61bvkL_oGyZf4ffqG5THgaOsopqj8dFLH6_SMy9yf8EgMYqpyjxfKsD-1_qb1m1DRjJEKPWKIGwmHXIKQJUqsxZFm4_Inwkxx7QMpVP4GyqlTxFVz7stWwJRSkMLHjEM_IWLUYfPhuwIUVqmRjGsY1n8flA1bRfxaWHNDxoi25-M2BKTP9NkNNJBbTKErhrZ9LGywIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tII6vFlxIDVZujqLJevYB0hNQ_eDQcnLpdWYVkK81Ku1vABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwOXxuf_YfH60WXLdHNNMi668yTzkAIuksAL2v5Hmho3odFuawAT0cyief1oGo8EaTM_mzmbWK1XdowTDWz2k8-mVmWsgyW3NdrIQwZo-pqOoSiMOVVjpDsnwZmGR_SeoYczHldSUjidO3m4djRGeWR4Iv7sZ131HRg8MZGc0BLoTAJ8WLryDVz1Kp_D_qSxsI1b5cap8Y1yGShRIAZ1O6b3zuooeDoLh9q098fsCdlZbnGh28gTNXgdkiFt_yjyaf5upGTHXcizT4TWTDdmvgSNE19n7ahXuj-_GH_XzP42QLUomcuqNEhu5wSj7XNnyRFURH19l6_sLROivytIY2wIDAQAB", max-age=20
server: cloudflare
cf-ray: 8da50e3e4d606a69-HAM
alt-svc: h3=":443"; ma=86400

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8da50e2f09c06a69/1730224724741/Oy2MMQk_qu_0XmN

104.18.94.41

200 OK

61 B

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/8da50e2f09c06a69/1730224724741/Oy2MMQk_qu_0XmN
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
PNG image data, 98 x 85, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
f5e916339163d60e1ed658e517794f00
67527c18dbfa3e5ab7389f30acc813c6f799e08c
fbf844f131147029a117415dacdb312aa1a48027380dbcf6e36a146a939cc193

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/8da50e2f09c06a69/1730224724741/Oy2MMQk_qu_0XmN HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 17:58:46 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 8da50e3e8d8d6a69-HAM
alt-svc: h3=":443"; ma=86400

POST challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/765729660:1730223466:wnwA9Op_y0e06RJ3EjugvUEf66-A9bkbXvEiDCFBs4Y/8da50e2f09c06a69/9kneg.VlCG3If2T8Qjhi.ifP5d1aoT72WOYTYzJzzP0-1730224724-1.1.1.1-o9Z85h9hktCl4_pbBRz6HXbBTy9K2AgtPkefXTtwz7ny0qTtK8gCdz2Wpvz3VnNa

104.18.94.41

200 OK

26 kB

URL POST HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/765729660:1730223466:wnwA9Op_y0e06RJ3EjugvUEf66-A9bkbXvEiDCFBs4Y/8da50e2f09c06a69/9kneg.VlCG3If2T8Qjhi.ifP5d1aoT72WOYTYzJzzP0-1730224724-1.1.1.1-o9Z85h9hktCl4_pbBRz6HXbBTy9K2AgtPkefXTtwz7ny0qTtK8gCdz2Wpvz3VnNa
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
ASCII text, with very long lines (26336), with no line terminators
Size
26 kB (25611 bytes)
Hash
cfe7357f3519eb8c81c643e8328b2428
e60de6cd1710cc20bfce8509dcb70fb9aa173f23
a7e0d3d6fec04a55c86105a9ccb086c928b8e395faaa84ca7a45ee8c001ca92f

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/765729660:1730223466:wnwA9Op_y0e06RJ3EjugvUEf66-A9bkbXvEiDCFBs4Y/8da50e2f09c06a69/9kneg.VlCG3If2T8Qjhi.ifP5d1aoT72WOYTYzJzzP0-1730224724-1.1.1.1-o9Z85h9hktCl4_pbBRz6HXbBTy9K2AgtPkefXTtwz7ny0qTtK8gCdz2Wpvz3VnNa HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
Content-type: application/x-www-form-urlencoded
CF-Challenge: 9kneg.VlCG3If2T8Qjhi.ifP5d1aoT72WOYTYzJzzP0-1730224724-1.1.1.1-o9Z85h9hktCl4_pbBRz6HXbBTy9K2AgtPkefXTtwz7ny0qTtK8gCdz2Wpvz3VnNa
Content-Length: 28011
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Oct 2024 17:58:47 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: QqHL/RQ3rgyHaN7TH6VigJG2lhRwRF4ezCT4Sym0PLyg50X/B8xHa4N5qcqDDMIx9/52rWckt/aQtE9i$zlDUPF5WptnioKGu
server: cloudflare
cf-ray: 8da50e3f7e186a69-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/

104.18.94.41

200 OK

26 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
HTML document, ASCII text, with very long lines (22049)
Size
26 kB (26324 bytes)
Hash
3777a12eabe7657b2e18b53ddc9c99a7
0a5777a7aec5fa069acfb97beb0123619615b0e6
fe06fe9763c99fe101a0ebe1a368da67050e480e113f1d4a068c9d73613d72e4

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://astronomy.radjobsoc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 29 Oct 2024 17:58:44 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
origin-agent-cluster: ?1
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
cross-origin-opener-policy: same-origin
referrer-policy: same-origin
cross-origin-embedder-policy: require-corp
document-policy: js-profiling
cross-origin-resource-policy: cross-origin
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server: cloudflare
cf-ray: 8da50e2f09c06a69-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET astronomy.radjobsoc.com/favicon.ico

104.21.8.164

404 Not Found

0 B

URL GET HTTP/3
astronomy.radjobsoc.com/favicon.ico
IP
104.21.8.164:443
ASN
#13335 CLOUDFLARENET

Requested by
https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Certificate
IssuerGoogle Trust Services
Subjectradjobsoc.com
FingerprintD0:0E:32:CD:3D:88:0E:A8:CF:C7:0E:8E:7A:F4:BE:C5:D0:D0:AE:61
ValiditySat, 21 Sep 2024 21:10:02 GMT - Fri, 20 Dec 2024 21:10:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: astronomy.radjobsoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://astronomy.radjobsoc.com/E5nT/
Cookie: XSRF-TOKEN=eyJpdiI6Inh6OEtRZFlLdXkwYVpZNWVvWmRBc2c9PSIsInZhbHVlIjoiQ3I5QUY0NFNUcjBkaUd2VkVyRXFTdjVTZDZWd2loZW5RRk9wZjFuTUJveFRWaVgwamJ4RVFiaVpORTd6Zy9WYnlNcitRNHl5eGdJSlZhYlVaTGRFRk1PS2xFVWxURm9FY21IbWR6YmwvTm9DbGFpMEFpcDJqSTRUbmpHbm5ZMUoiLCJtYWMiOiI3MzU3ZmY1NTJjMjhjZTc3N2UxOWY1NmM2ZDRmYTc1OGFiZjFjOWExMTBlMjJmMmExMjJlYWY4NGRhZGI4ZjRkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImVUOUZOMTlrZnNScWRaQ1JZbGF4RWc9PSIsInZhbHVlIjoiV1l5NjFVN2VSWDZIaDFLZHlreFdLWlIrSUlRRkQvM0FZREtRekgxN2R6RUh2U3BLai9paWhmOFE3WnQxYU9hRnAxOGlydDlPVDNaeU1uaDMyajFVZlBmTE50UThUNXhFQWY5ZERvOXpoSkw2dHNCVjhCdXM3RTdjanVaR3lXcGIiLCJtYWMiOiI0YmIwNGNkYWZmZjFiM2E4ZjdiNDNhMGI2ZjNlZjdmOWIxYzVmOTA2YjdjOWVkMThjOGY4OGY0NWJhZTRmYWFmIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 29 Oct 2024 17:58:44 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bN4Sl43kcWGMFqiW6HIKQaiyKkBOzRry5%2FZNSvMOD2HDX%2F9GleRwkOxlBpTtbcAPa9dqU0Wzyx0QzfL8MwtBnYG6J4JoX77nsKFKOi4HUfxGDsKzN%2F6J5ZVBu3UX%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 12297
priority: u=6,i=?0
server: cloudflare
cf-ray: 8da50e2f29935c41-AMS
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=22689&sent=4&recv=7&lost=0&retrans=0&sent_bytes=2825&recv_bytes=2245&delivery_rate=125407&cwnd=252&unsent_bytes=0&cid=339fa2a864b951d1&ts=331&x=0", cfL4;desc="?proto=QUIC&rtt=23774&sent=11&recv=6&lost=0&retrans=0&sent_bytes=4043&recv_bytes=1690&delivery_rate=20339&cwnd=12000&unsent_bytes=0&cid=2dca5ae0451858bd&ts=508&x=1", cfExtPri, cfHdrFlush;dur=0

GET challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js

104.18.94.41

200 OK

48 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://astronomy.radjobsoc.com/E5nT/#Dyuna.martin@checkmarx.com
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
JavaScript source, ASCII text, with very long lines (47531)
Size
48 kB (47532 bytes)
Hash
808a57cae0b6fee71f46efdded44b348
dd570a24c8bda1b391aa1ddea6004125818e579a
5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

HTTP Headers

GET /turnstile/v0/g/f2bbd6738e15/api.js HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://astronomy.radjobsoc.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 29 Oct 2024 17:58:44 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 18 Oct 2024 17:38:58 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8da50e2e39426a69-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET astronomy.radjobsoc.com/E5nT/

104.21.8.164

200 OK

19 kB

URL User Request GET HTTP/2
astronomy.radjobsoc.com/E5nT/
IP
104.21.8.164:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectradjobsoc.com
FingerprintD0:0E:32:CD:3D:88:0E:A8:CF:C7:0E:8E:7A:F4:BE:C5:D0:D0:AE:61
ValiditySat, 21 Sep 2024 21:10:02 GMT - Fri, 20 Dec 2024 21:10:01 GMT

File type
HTML document, ASCII text, with very long lines (6893), with CRLF line terminators
Size
19 kB (18661 bytes)
Hash
d5c09b41f1a0602bbadc7a98f985f9c4
76bcd498de7224bc07c31494115ad0ce46da5ee5
de895f5a392cadbc1d819ba600f47219dea995ce0a3f18de7a4adf70c3beac43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /E5nT/ HTTP/1.1
Host: astronomy.radjobsoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Oct 2024 17:58:43 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pndgVa6IhBxgNi74N%2BYm0bAF5VYhIDgtzNCqGj1%2BryRm3j27uM2nsYGHigWQ9cP7H4jjyU8kxnR7xQ3ir3vySSU8MMjO4TrHPwds%2Fa1KaC0jjrix6pbbMfiLa1dO0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
set-cookie: XSRF-TOKEN=eyJpdiI6Inh6OEtRZFlLdXkwYVpZNWVvWmRBc2c9PSIsInZhbHVlIjoiQ3I5QUY0NFNUcjBkaUd2VkVyRXFTdjVTZDZWd2loZW5RRk9wZjFuTUJveFRWaVgwamJ4RVFiaVpORTd6Zy9WYnlNcitRNHl5eGdJSlZhYlVaTGRFRk1PS2xFVWxURm9FY21IbWR6YmwvTm9DbGFpMEFpcDJqSTRUbmpHbm5ZMUoiLCJtYWMiOiI3MzU3ZmY1NTJjMjhjZTc3N2UxOWY1NmM2ZDRmYTc1OGFiZjFjOWExMTBlMjJmMmExMjJlYWY4NGRhZGI4ZjRkIiwidGFnIjoiIn0%3D; expires=Tue, 29-Oct-2024 19:58:43 GMT; Max-Age=7200; path=/; secure; samesite=none
laravel_session=eyJpdiI6ImVUOUZOMTlrZnNScWRaQ1JZbGF4RWc9PSIsInZhbHVlIjoiV1l5NjFVN2VSWDZIaDFLZHlreFdLWlIrSUlRRkQvM0FZREtRekgxN2R6RUh2U3BLai9paWhmOFE3WnQxYU9hRnAxOGlydDlPVDNaeU1uaDMyajFVZlBmTE50UThUNXhFQWY5ZERvOXpoSkw2dHNCVjhCdXM3RTdjanVaR3lXcGIiLCJtYWMiOiI0YmIwNGNkYWZmZjFiM2E4ZjdiNDNhMGI2ZjNlZjdmOWIxYzVmOTA2YjdjOWVkMThjOGY4OGY0NWJhZTRmYWFmIiwidGFnIjoiIn0%3D; expires=Tue, 29-Oct-2024 19:58:43 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
server: cloudflare
cf-ray: 8da50e28a93ad5b8-CDG
content-encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=22695&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1391&delivery_rate=126129&cwnd=252&unsent_bytes=0&cid=6eb3c5ff77544f01&ts=216&x=0", cfL4;desc="?proto=TCP&rtt=76241&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1262&delivery_rate=67351&cwnd=35&unsent_bytes=0&cid=3e36457627638edc&ts=540&x=0"
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da50e2f09c06a69&lang=auto

104.18.94.41

200 OK

122 kB

URL GET HTTP/3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da50e2f09c06a69&lang=auto
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint65:75:A9:DF:EC:98:9B:14:E5:F1:43:E6:B9:E2:E3:9C:50:C4:E8:A4
ValidityThu, 05 Sep 2024 16:26:55 GMT - Wed, 04 Dec 2024 17:26:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
122 kB (121479 bytes)
Hash
ccdb3bd9cd9fe1b978afa5e2083efb9c
ff53b008d420f8310a1c33d7a02c3d79931e68ce
8e19c6fcebbecac34c76594259539d6550d4289aacd7467c28ad6a530e3ace6c

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8da50e2f09c06a69&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vynit/0x4AAAAAAAktVIf1mhdRw6LA/auto/fbE/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 29 Oct 2024 17:58:44 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: cloudflare
cf-ray: 8da50e2fca3c6a69-HAM
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (49)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations