249.liecashmeat.live
141.95.100.100
Public Scan
Effective URL: https://249.liecashmeat.live/jmmdycoi/?u=pe7k605&o=3u0gcu2&f=1&sid=t1~ig1p3i52bdoefkk0bfikv3ib&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc...
Submission Tags: phishingrod
Submission: On December 24 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by R3 on December 23rd 2022. Valid for: 3 months.
This is the only time 249.liecashmeat.live was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 3 | 2a06:98c1:3121::c | 13335 (CLOUDFLARENET) |
 | 1 | 2606:4700::6812:bcf | 13335 (CLOUDFLARENET) |
1 | 2 | 88.212.201.198 | 39134 (UNITEDNET) |
1 | 5 | 5.75.133.219 | 24940 (HETZNER-AS) |
 | 12 | 116.202.184.109 | 24940 (HETZNER-AS) |
 | 2 | 46.148.125.182 | 35277 (LLHOST-INC-SRL) |
 | 4 | 2a00:1450:4001:82b::2003 | 15169 (GOOGLE) |
 | 2 | 195.201.93.6 | 24940 (HETZNER-AS) |
 | 1 | 141.95.100.100 | |
29 | 10 |
ASN24940 (HETZNER-AS, DE)
PTR: static.219.133.75.5.clients.your-server.de
a.psh-new.top, js.pushssp.top, feed.cdnpsh.com

ASN24940 (HETZNER-AS, DE)
PTR: static.109.184.202.116.clients.your-server.de
open.flintguard.top

ASN35277 (LLHOST-INC-SRL, RO)
PTR: har57.srv.llhost-inc.com
js.nextpsh.top

ASN24940 (HETZNER-AS, DE)
PTR: static.6.93.201.195.clients.your-server.de
mostwinhere.life
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | flintguard.top | open.flintguard.top — Cisco Umbrella Rank: 311827 | 59 KB |
4 | gstatic.com | www.gstatic.com | 35 KB |
3 | nitrositezero.net (1 redirects) | nitrositezero.net | 4 KB |
2 | mostwinhere.life | mostwinhere.life | 40 KB |
2 | cdnpsh.com | feed.cdnpsh.com | 874 B |
2 | nextpsh.top | js.nextpsh.top — Cisco Umbrella Rank: 195498 | 43 KB |
2 | pushssp.top | js.pushssp.top | 2 KB |
2 | yadro.ru (1 redirects) | counter.yadro.ru — Cisco Umbrella Rank: 9559 | 1 KB |
1 | liecashmeat.live | 249.liecashmeat.live | |
1 | psh-new.top (1 redirects) | a.psh-new.top — Cisco Umbrella Rank: 628190 | 337 B |
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2384 | 25 KB |
29 | 11 |
Requests | Domain | Requested by |
---|---|---|
12 | open.flintguard.top | nitrositezero.net, open.flintguard.top, js.nextpsh.top |
4 | www.gstatic.com | js.nextpsh.top |
3 | nitrositezero.net (1 redirects) | nitrositezero.net |
2 | mostwinhere.life | js.nextpsh.top, mostwinhere.life |
2 | feed.cdnpsh.com | js.nextpsh.top |
2 | js.nextpsh.top | js.pushssp.top |
2 | js.pushssp.top | open.flintguard.top |
2 | counter.yadro.ru (1 redirects) | |
1 | 249.liecashmeat.live | mostwinhere.life |
1 | a.psh-new.top (1 redirects) | |
1 | stackpath.bootstrapcdn.com | nitrositezero.net |
29 | 11 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.nitrositezero.net | GTS CA 1P5 | 2022-12-24 - 2023-03-24 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-29 - 2023-01-29 | a year |
flintguard.top | R3 | 2022-12-05 - 2023-03-05 | 3 months |
pushssp.top | R3 | 2022-12-02 - 2023-03-02 | 3 months |
js.nextpsh.top | R3 | 2022-12-09 - 2023-03-09 | 3 months |
cdnpsh.com | R3 | 2022-12-21 - 2023-03-21 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months |
mostwinhere.life | R3 | 2022-12-19 - 2023-03-19 | 3 months |
*.liecashmeat.live | R3 | 2022-12-23 - 2023-03-23 | 3 months |
This page contains 2 frames:
Primary Page:
https://249.liecashmeat.live/jmmdycoi/?u=pe7k605&o=3u0gcu2&f=1&sid=t1~ig1p3i52bdoefkk0bfikv3ib&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc...
Frame ID: DF278B5022485FDD00966A1ACBC09CC1
Requests: 30 HTTP requests in this frame
Frame:
https://mostwinhere.life/media/mainstream/frame.html
Frame ID: A131D4B38CBF10E5B6DB24004D0E556E
Requests: 1 HTTP requests in this frame
Detected technologies
Firebase
Detected patterns
- /firebasejs/([\d.]+)/firebase

Bootstrap
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://nitrositezero.net/ Page URL
- https://nitrositezero.net/ HTTP 301
  https://a.psh-new.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
  https://open.flintguard.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=SPNqzidXMLYI-RDRragiqg&exp=1671876022 Page URL
- https://open.flintguard.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=SPNqzidXMLYI-RDRragiqg&exp=1671876022 Page URL
- https://mostwinhere.life/?u=pe7k605&o=3u0gcu2 Page URL
- https://249.liecashmeat.live/jmmdycoi/?u=pe7k605&o=3u0gcu2&f=1&sid=t1~ig1p3i52bdoefkk0bfikv3ib&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc... Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://counter.yadro.ru/hit;lootraffer2?r;s1600*1200*24;uhttps%3A//nitrositezero.net/;hWacht.;0.3472739724271181 HTTP 302
- https://counter.yadro.ru/hit;lootraffer2?q;r;s1600*1200*24;uhttps%3A//nitrositezero.net/;hWacht.;0.3472739724271181
- https://nitrositezero.net/ HTTP 301
- https://a.psh-new.top/?pl=wyqwIiui3U-oMKNOfTV6Dg HTTP 302
- https://open.flintguard.top/eyes-robot/?pl=wyqwIiui3U-oMKNOfTV6Dg&sm=eyes-robot&hash=SPNqzidXMLYI-RDRragiqg&exp=1671876022
29 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / nitrositezero.net/ | 5 KB 3 KB | Document text/html |
GET H2 | bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ | 156 KB 25 KB | Stylesheet text/css |
GET H/1.1 | hit;lootraffer2 counter.yadro.ru/ Redirect Chain | 43 B 528 B | Image image/gif |
POST H2 | ab.php nitrositezero.net/antibot777/ | 72 B 428 B | XHR text/html |
GET H2 | / open.flintguard.top/eyes-robot/ Redirect Chain | 1 KB 710 B | Document text/html |
GET H2 | trls.js open.flintguard.top/eyes-robot/assets/ | 13 KB 3 KB | Script application/javascript |
GET H2 | fnr.js open.flintguard.top/shared-js/assets/ | 6 KB 2 KB | Script application/javascript |
GET H2 | style.css open.flintguard.top/eyes-robot/assets/ | 18 KB 12 KB | Stylesheet text/css |
GET H2 | 1.png open.flintguard.top/eyes-robot/assets/ | 10 KB 11 KB | Image image/png |
GET H2 | 2.png open.flintguard.top/eyes-robot/assets/ | 1 KB 1 KB | Image image/png |
GET H2 | pl.js js.pushssp.top/ps/ | 2 KB 1 KB | Script application/javascript |
GET DATA | truncated / | 11 KB 0 | Image image/png |
GET H2 | ps.js js.nextpsh.top/ps/ | 21 KB 22 KB | Script application/javascript |
GET H2 | config.js feed.cdnpsh.com/ps/ | 356 B 483 B | Script application/javascript |
GET H2 | firebase-app.js www.gstatic.com/firebasejs/8.4.1/ | 21 KB 7 KB | Script text/javascript |
GET H3 | firebase-messaging.js www.gstatic.com/firebasejs/8.4.1/ | 40 KB 11 KB | Script text/javascript |
GET H2 | / open.flintguard.top/eyes-robot/ | 1 KB 709 B | Document text/html |
GET H2 | trls.js open.flintguard.top/eyes-robot/assets/ | 13 KB 3 KB | Script application/javascript |
GET H2 | fnr.js open.flintguard.top/shared-js/assets/ | 6 KB 2 KB | Script application/javascript |
GET H2 | style.css open.flintguard.top/eyes-robot/assets/ | 18 KB 12 KB | Stylesheet text/css |
GET H2 | 1.png open.flintguard.top/eyes-robot/assets/ | 10 KB 11 KB | Image image/png |
GET H2 | 2.png open.flintguard.top/eyes-robot/assets/ | 1 KB 1 KB | Image image/png |
GET H2 | pl.js js.pushssp.top/ps/ | 2 KB 1 KB | Script application/javascript |
GET DATA | truncated / | 11 KB 0 | Image image/png |
GET H2 | ps.js js.nextpsh.top/ps/ | 21 KB 21 KB | Script application/javascript |
GET H2 | config.js feed.cdnpsh.com/ps/ | 356 B 391 B | Script application/javascript |
GET H3 | firebase-app.js www.gstatic.com/firebasejs/8.4.1/ | 21 KB 7 KB | Script text/javascript |
GET H3 | firebase-messaging.js www.gstatic.com/firebasejs/8.4.1/ | 40 KB 11 KB | Script text/javascript |
GET H/1.1 | / mostwinhere.life/ | 87 KB 40 KB | Document text/html |
GET H/1.1 | frame.html mostwinhere.life/media/mainstream/ Frame A131 | 39 B 320 B | Document text/html |
GET H/1.1 | Primary Request / 249.liecashmeat.live/jmmdycoi/ | 2 KB 0 | Document text/html |
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange
16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nitrositezero.net/ | | Name: antibot_uid Value: 3f23af719a2453efce4b657c91283f30 |
.nitrositezero.net/ | | Name: antibot_country Value: NL |
.nitrositezero.net/ | | Name: antibot_lang Value: nl |
.nitrositezero.net/ | | Name: antibot_ptr Value: 2a00%3A1630%3A0002%3A1c02%3A0000%3A0000%3A0000%3A0008 |
nitrositezero.net/ | | Name: antibot_34e7011b79a86270500045251cb165fa Value: 2c828fc171cf8838ee171b61574bc5c9 |
nitrositezero.net/ | | Name: antibot_referer Value: https%3A%2F%2Fnitrositezero.net%2F |
.nitrositezero.net/ | | Name: antibot_unique_20221224 Value: 1 |
.yadro.ru/ | | Name: FTID Value: 1ZfioA00M3eT1ZfioA0013su |
.yadro.ru/ | | Name: VID Value: 0CV8D02HLHeT1ZfioA001IMj |
a.psh-new.top/ | | Name: wyqwIiui3U-oMKNOfTV6Dg Value: 5 |
a.psh-new.top/ | | Name: __pl Value: 7564fb91-3c14-4805-8de3-c09d59fde1bc |
js.nextpsh.top/ | | Name: __psu Value: 2a0a204a-08ab-42ff-a046-123c90017fa2 |
feed.cdnpsh.com/ | | Name: __psu Value: e114f0ec-c96e-4ae2-889c-6046c2d257ef |
mostwinhere.life/ | | Name: sid Value: t1~ig1p3i52bdoefkk0bfikv3ib |
mostwinhere.life/ | | Name: p1 Value: https://liecashmeat.live/jmmdycoi/ |
mostwinhere.life/ | | Name: s1 Value: mntc7zcky41srewt |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.