detaynet.net Open in urlscan Pro
5.253.143.101  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response detaynet.net/gdnco/moon/moon/	21 KB 6 KB	238ms 65ms	Document text/html	5.253.143.101 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL https://detaynet.net/gdnco/moon/moon/login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.253.143.101 , Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS Software Apache / Resource Hash cad7083525c46d9c6b4fd0a954725885f40a1c58a6ae3550bb25ad15afad9c80 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 6265 Content-Type text/html; charset=UTF-8 Date Mon, 13 May 2024 02:45:16 GMT Keep-Alive timeout=5, max=100 Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H2	200	55013136-widget_css_bundle.css www.blogger.com/static/v1/widgets/	30 KB 7 KB	169ms 49ms	Stylesheet text/css	2a00:1450:4001:82f::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:14:15 GMT content-encoding gzip x-content-type-options nosniff age 498661 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6620 x-xss-protection 0 last-modified Mon, 06 May 2024 18:55:53 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Wed, 07 May 2025 08:14:15 GMT
GET H2	200	css.css uae.sharafdg.net/fdx/file/	56 KB 9 KB	129ms 40ms	Stylesheet text/css	2a02:4780:27:1112:0:1fe0:ea65:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://uae.sharafdg.net/fdx/file/css.css Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1112:0:1fe0:ea65:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 345dfa6ca7308f86946f82f7d416deea9e9788cd16c11be8569a0c930131f972 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 20 Dec 2023 22:36:41 GMT server LiteSpeed etag "de12-65836c79-18b7da8ff1185e2f;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 9308 expires Mon, 20 May 2024 02:45:16 GMT
GET H/1.1	404 Not Found	common-core_SHF.css detaynet.net/gdnco/moon/moon/file/	0 0	65ms 63ms	Stylesheet text/html	5.253.143.101 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL https://detaynet.net/gdnco/moon/moon/file/common-core_SHF.css Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.253.143.101 , Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/gdnco/moon/moon/login.php Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 13 May 2024 02:45:16 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 196 Content-Type text/html; charset=iso-8859-1
GET H2	200	jquery.min.js Show response uae.sharafdg.net/fdx/file/	87 KB 29 KB	201ms 112ms	Script application/x-javascript	2a02:4780:27:1112:0:1fe0:ea65:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://uae.sharafdg.net/fdx/file/jquery.min.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1112:0:1fe0:ea65:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Wed, 20 Dec 2023 22:36:41 GMT server LiteSpeed etag "15d84-65836c79-2064e815b1a5efbb;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 30020 expires Mon, 20 May 2024 02:45:16 GMT
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	60ms 16ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Origin https://detaynet.net Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1424498 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-ams21074-AMS last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1715568317.907742,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 45, 546388
GET H3	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/	85 KB 27 KB	46ms 23ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Origin https://detaynet.net Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 348800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27446 last-modified Tue, 29 Aug 2023 04:36:11 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "64ed75bb-6b36" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pD6%2B3drRHJGviK5c1HGkBAHurAUQt%2BzzNWuoDvX2bDWpvFEFI%2FRdJ7%2FMKPT36h%2FG5s1TGvzVVck15UQTXWpe1JRsnTC3uIu4Hmal4dwwD8cJ2i%2BjIGan8Aq%2FdHlHZYrzRSSu%2FCF"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 882f4fbc8dc80b7b-AMS expires Sat, 03 May 2025 02:45:16 GMT
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/	21 KB 8 KB	67ms 28ms	Script application/javascript	2606:4700::6812:ba1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Origin https://detaynet.net Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 589858 x-jsd-version 1.16.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230104-FRA, cache-lga21938-LGA x-jsd-version-type version server cloudflare etag W/"5309-YvI45zNIx3656GVCan0bfeI8uy0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ad%2F4pJ8uHZd9bXwzKKYK7gV4i7rUmvUitn9ViF3GX%2BCW9Z%2B2aQJlBJOEBTaR3owLQVA099zyWsxoQ7ltxhfWb6%2Fe7GCe%2FtroMTAZ3HkvCbpc2Jd0NlsToSNdqO7CTLXjmU1VJFi1GRWU3sD5C5I%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 882f4fbcac8006ba-AMS
GET H3	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/	59 KB 18 KB	57ms 27ms	Script application/javascript	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Origin https://detaynet.net Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1049 strict-transport-security max-age=31536000; includeSubDomains; preload age 293159 cdn-cachedat 03/18/2024 12:12:20 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:09 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"61f338f870fcd0ff46362ef109d28533" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 0ca93cc6f88264b649ecc842e7052fdc timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 882f4fbc9f6d9fdc-AMS cdn-requestpullsuccess True
GET H2	200	aae1a073a8.js Show response kit.fontawesome.com/	12 KB 5 KB	495ms 457ms	Script text/javascript	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/aae1a073a8.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2aadb7ab6f8ab2778447898f71b6d2b32bd2386bb00da9433638895b887d1036 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Origin https://detaynet.net Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:17 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 882f4fbca9c79fa8-AMS access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F83hqv7ydvXBYKmVVGMh
GET H2	200	main.6c0d7f22.css kw.sharafdg.net/monn/file/	92 KB 12 KB	119ms 33ms	Stylesheet text/css	2a02:4780:27:1112:0:1fe0:ea65:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://kw.sharafdg.net/monn/file/main.6c0d7f22.css Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1112:0:1fe0:ea65:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 037c44143ce2129b555a74c8fcbf777c4bf054506c9bb617e671f3a7566c3d9f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Fri, 02 Feb 2024 13:04:55 GMT server LiteSpeed etag "17197-65bce877-d24d6f670c279a0;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 12121 expires Mon, 20 May 2024 02:45:16 GMT
GET H2	200	logo-mooney.1330f350147445f5103b36dac80a6726.svg kw.sharafdg.net/monn/file/	5 KB 2 KB	145ms 60ms	Image image/svg+xml	2a02:4780:27:1112:0:1fe0:ea65:2 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://kw.sharafdg.net/monn/file/logo-mooney.1330f350147445f5103b36dac80a6726.svg Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:27:1112:0:1fe0:ea65:2 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 49616c860ff4ad5bed99b66a2b1295e7ef5213d5d5cf76ad2560d2f1daa06635 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Fri, 02 Feb 2024 13:04:55 GMT server LiteSpeed etag "126f-65bce877-b53da6ab2baa89c;br" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 1959 expires Mon, 20 May 2024 02:45:16 GMT
GET		Icon_99e4c76d41.svg kw.sharafdg.net/monn/file/	0 0
GET		scrollButton.372d5008fb0996706305047d7e23d56d.svg kw.sharafdg.net/monn/file/	0 0
GET H/1.1	404 Not Found	jquery.min.js detaynet.net/gdnco/moon/moon/file/	0 0	64ms 63ms	Script text/html	5.253.143.101 AEROTEK-AS
General Check archive.org Show headers Download Go to Full URL https://detaynet.net/gdnco/moon/moon/file/jquery.min.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.253.143.101 , Turkey, ASN42807 (AEROTEK-AS, TR), Reverse DNS Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/gdnco/moon/moon/login.php Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 13 May 2024 02:45:17 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 196 Content-Type text/html; charset=iso-8859-1
GET H2	200	1671891383-widgets.js Show response www.blogger.com/static/v1/widgets/	142 KB 51 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:82f::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/1671891383-widgets.js Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7ca5c0d12b974ad99685fd44983f85b2a0b00360dd820437b33f862e0ee44ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 07:50:26 GMT content-encoding gzip x-content-type-options nosniff age 500091 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51705 x-xss-protection 0 last-modified Wed, 13 Mar 2024 20:58:03 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Wed, 07 May 2025 07:50:26 GMT
GET H3	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	50ms 29ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=aae1a073a8 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/aae1a073a8.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:17 GMT via 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 293159 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzvb5h%2F1dA%2BkXIX2eH%2BGk8cPluVxBCTQgR7WzawkINfAgzVVWdwBZkd%2FYJPlQleCtUtNtwL3SwevXluXWwGDgBPbBMnFH0i15M8RMXGoxdw6G%2Fr9lv1HjZpsuehx%2F0bBUN7ts6%2FoIw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 882f4fbfaebe9708-AMS access-control-allow-headers fa-kit-token x-amz-cf-id 6Omlpz1kOMYfH8uc686Eh_4zl4KZchvGxJrwuCRAR1PKKFhAkCdAdQ==
GET H3	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	48ms 27ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=aae1a073a8 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/aae1a073a8.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:17 GMT via 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop AMS1-P2 age 293159 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnqGdyH78bfO0r%2F%2FwP5gaRwAHEFt%2FKLBweUGYzHD3ujdgKhF%2FcUa2ECzDAK0XVTHSG911m9eEV7SJ63o3kW48vcvGXnS3%2BydTEaA3aTvlF6ESxt1o3XuEcoHWOlS6eBIf0ts2jl%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 882f4fbfaebf9708-AMS access-control-allow-headers fa-kit-token x-amz-cf-id VGdusi7mopyuJ41KJQ-iPGdybZZeBYqAuf41CBsgIs9Ds8B0d7-lwg==
GET H3	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 1 KB	46ms 26ms	Fetch text/css	172.67.139.119 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=aae1a073a8 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/aae1a073a8.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:17 GMT via 1.1 adf2154fc698566cbee2ffdab8c37922.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop AMS1-P2 age 293159 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4K5H%2B%2B1e%2FJmM5fk6vLnFLPqQSLFnyMtakhowLgoda2%2FCyGXPBRBqeaDBEwJSJV6MUwp097mAplDEJmdlXSAw5CbwG01rOD4doTVVbW0t4SZYlCUstXjvPBYtvAK%2FCkDqSrBIY6Va7w%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 882f4fbfaebd9708-AMS access-control-allow-headers fa-kit-token x-amz-cf-id 8yNzZ4P_vCH1QIQo2jruNwmop7N4mp3BNiCFqkRNOWGlu83ThpPc-g==
GET H2	200	authorization.css www.blogger.com/dyn-css/	1 B 684 B	126ms 125ms	Stylesheet text/css	2a00:1450:4001:82f::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3552880097910789401&zx=bf92ad5d-4b84-44a2-89c8-98857fad58f4 Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Security Headers Name Value Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache content-security-policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport date Mon, 13 May 2024 02:45:17 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 13 May 2024 02:45:17 GMT server GSE x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." content-type text/css; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET		Gotham-Book_Web.7fa96aa06775160ee646.woff2 kw.sharafdg.net/online/static/media/	0 0
GET		Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2 kw.sharafdg.net/online/static/media/	0 0
GET		Gotham-Bold_Web.d23d96aefe768329255e.woff2 kw.sharafdg.net/online/static/media/	0 0
GET H3	200	Mooney_characters_ea6989a335.svg kw.sharafdg.net/monn/file/	41 KB 12 KB	32ms 32ms	Image image/svg+xml	154.49.245.111 AS-HOSTINGER
General Check archive.org Show headers Download Go to Show image Full URL https://kw.sharafdg.net/monn/file/Mooney_characters_ea6989a335.svg Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 154.49.245.111 Paris, France, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a332ca3d23059d37a26c3957b44670cada5a32ecaf94987b3ebe127a8dc0ce4d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:17 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Fri, 02 Feb 2024 13:04:55 GMT server LiteSpeed etag "a530-65bce877-3b9037e90151ff36;br" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 12435 expires Mon, 20 May 2024 02:45:17 GMT
GET H3	200	authorization.css www.blogger.com/dyn-css/	1 B 43 B	132ms 132ms	Stylesheet text/css	142.250.181.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3552880097910789401&zx=bf92ad5d-4b84-44a2-89c8-98857fad58f4 Requested by Host: detaynet.net URL: https://detaynet.net/gdnco/moon/moon/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f9.1e100.net Software GSE / Resource Hash 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Security Headers Name Value Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache content-security-policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport date Mon, 13 May 2024 02:45:17 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 13 May 2024 02:45:17 GMT server GSE x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." content-type text/css; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon.ico www.fedex.com/secure-login/de-ch/	5 KB 1 KB	1091ms 940ms	Other image/x-icon	2a02:26f0:1700:11::b856:6794 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.fedex.com/secure-login/de-ch/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:1700:11::b856:6794 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://detaynet.net/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 13 May 2024 02:45:18 GMT content-encoding gzip akamai-grn 0.946656b8.1715568317.1ad7c4b content-length 818 pragma no-cache referrer-policy no-referrer-when-downgrade last-modified Mon, 04 Mar 2024 03:11:44 GMT server nginx x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/x-icon x-vcap-request-id 5e484d37-4324-463b-437a-f696b2df6ae9 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true accept-ranges bytes expires Mon, 13 May 2024 02:45:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

kw.sharafdg.net

URL

https://kw.sharafdg.net/monn/file/Icon_99e4c76d41.svg

Domain

kw.sharafdg.net

URL

https://kw.sharafdg.net/monn/file/scrollButton.372d5008fb0996706305047d7e23d56d.svg

Domain

kw.sharafdg.net

URL

https://kw.sharafdg.net/online/static/media/Gotham-Book_Web.7fa96aa06775160ee646.woff2

Domain

kw.sharafdg.net

URL

https://kw.sharafdg.net/online/static/media/Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2

Domain

kw.sharafdg.net

URL

https://kw.sharafdg.net/online/static/media/Gotham-Bold_Web.d23d96aefe768329255e.woff2

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mooney (Banking)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cookieChoices function| $ function| jQuery function| Popper object| bootstrap object| FontAwesomeKitConfig function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://detaynet.net/gdnco/moon/moon/file/common-core_SHF.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://detaynet.net/gdnco/moon/moon/file/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://detaynet.net/gdnco/moon/moon/login.php Message: Access to font at 'https://kw.sharafdg.net/online/static/media/Gotham-Bold_Web.d23d96aefe768329255e.woff2' from origin 'https://detaynet.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kw.sharafdg.net/online/static/media/Gotham-Bold_Web.d23d96aefe768329255e.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://detaynet.net/gdnco/moon/moon/login.php Message: Access to font at 'https://kw.sharafdg.net/online/static/media/Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2' from origin 'https://detaynet.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kw.sharafdg.net/online/static/media/Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://detaynet.net/gdnco/moon/moon/login.php Message: Access to font at 'https://kw.sharafdg.net/online/static/media/Gotham-Book_Web.7fa96aa06775160ee646.woff2' from origin 'https://detaynet.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kw.sharafdg.net/online/static/media/Gotham-Book_Web.7fa96aa06775160ee646.woff2 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
detaynet.net
ka-f.fontawesome.com
kit.fontawesome.com
kw.sharafdg.net
stackpath.bootstrapcdn.com
uae.sharafdg.net
www.blogger.com
www.fedex.com
kw.sharafdg.net
104.17.25.14
104.18.11.207
142.250.181.233
154.49.245.111
172.67.139.119
2606:4700:4400::6812:2844
2606:4700::6812:ba1f
2a00:1450:4001:82f::2009
2a02:26f0:1700:11::b856:6794
2a02:4780:27:1112:0:1fe0:ea65:2
2a04:4e42:400::649
5.253.143.101
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
037c44143ce2129b555a74c8fcbf777c4bf054506c9bb617e671f3a7566c3d9f
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
2aadb7ab6f8ab2778447898f71b6d2b32bd2386bb00da9433638895b887d1036
345dfa6ca7308f86946f82f7d416deea9e9788cd16c11be8569a0c930131f972
49616c860ff4ad5bed99b66a2b1295e7ef5213d5d5cf76ad2560d2f1daa06635
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
a332ca3d23059d37a26c3957b44670cada5a32ecaf94987b3ebe127a8dc0ce4d
a7ca5c0d12b974ad99685fd44983f85b2a0b00360dd820437b33f862e0ee44ae
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cad7083525c46d9c6b4fd0a954725885f40a1c58a6ae3550bb25ad15afad9c80
eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e