honeypot.cx Open in urlscan Pro
188.114.96.3  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response honeypot.cx/	441 KB 252 KB	190ms 124ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://honeypot.cx/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 133e1dc24e26c62426374410313a578cb2fed25c6974b4d0895dc87927c6a0c1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dfd6824addeb8b2-AMS content-encoding zstd content-type text/html date Sat, 09 Nov 2024 11:19:16 GMT last-modified Tue, 05 Nov 2024 10:18:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yl13iHhFY8VWNGWgnR7H0zNawhhKhDClipnomsEcpZKtyYuSgr4%2FS64ZgcOtZuI%2FLTjHW919KNH9q0lX%2BuicS0RBl%2FQECjXKYYoP7nK4X3gnBQohz7RihcA%2FBzAciw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=12357&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4478&delivery_rate=753&cwnd=12000&unsent_bytes=0&cid=5975ce5797184466&ts=137&x=1" cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	index.js Show response honeypot.cx/	9 MB 6 MB	180ms 179ms	Script text/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://honeypot.cx/index.js Requested by Host: honeypot.cx URL: https://honeypot.cx/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e323682c31ae86bdda3adffbed9b40ccf1b0d5361df1c3c67c7a1e439ee226fa Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://honeypot.cx/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status EXPIRED etag "95705f-62627b95e7d89-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sxeAqu0qt%2BxFF6AULZzJyTTxY7HimCU2uWshDxJihIKtvee%2B%2BxGK0P1ZAec6sOE8ozQnvXtneHC2KtMNugVJPEv%2F6ZW9fyFNo3hwxTWf3vqx9HghtWEVx8Z%2BXKvO%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dfd68260f6db8b2-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=13298&sent=235&recv=48&lost=0&retrans=0&sent_bytes=267505&recv_bytes=6388&delivery_rate=8662191&cwnd=116400&unsent_bytes=0&cid=5975ce5797184466&ts=406&x=1", cfHdrFlush;dur=0 date Sat, 09 Nov 2024 11:19:16 GMT content-type text/javascript last-modified Tue, 05 Nov 2024 10:18:35 GMT vary Accept-Encoding server cloudflare
GET H2	200	ethext.png i.ibb.co/BKqdybB/	3 KB 3 KB	450ms 393ms	Image image/png	162.19.58.156 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/BKqdybB/ethext.png Requested by Host: honeypot.cx URL: https://honeypot.cx/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.156 , France, ASN16276 (OVH, FR), Reverse DNS ns3096358.ip-162-19-58.eu Software nginx / Resource Hash 326d26494622141bc0d91d8bfe8a19532a1406f08ec572c6c8454105c85a48cd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://honeypot.cx/ Response headers cache-control max-age=315360000, public access-control-allow-methods GET, OPTIONS expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes access-control-allow-origin * content-length 2745 date Sat, 09 Nov 2024 11:19:16 GMT content-type image/png last-modified Tue, 03 Sep 2024 07:44:33 GMT server nginx
GET H2	200	Ethex-logo-transparent.png i.ibb.co/3zGqmSX/	3 KB 3 KB	194ms 190ms	Image image/png	162.19.58.156 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/3zGqmSX/Ethex-logo-transparent.png Requested by Host: honeypot.cx URL: https://honeypot.cx/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.156 , France, ASN16276 (OVH, FR), Reverse DNS ns3096358.ip-162-19-58.eu Software nginx / Resource Hash 48585e030037403b03be35ca8661f0ead9fd9301f145960f001c74e3827a7aab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://honeypot.cx/ Response headers cache-control max-age=315360000, public access-control-allow-methods GET, OPTIONS expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes access-control-allow-origin * content-length 2751 date Sat, 09 Nov 2024 11:19:16 GMT content-type image/png last-modified Thu, 22 Feb 2024 20:47:20 GMT server nginx
GET H2	200	/ Show response api.ipify.org/	12 B 282 B	145ms 99ms	Fetch text/plain	104.26.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/ Requested by Host: honeypot.cx URL: https://honeypot.cx/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ee0100cbaadc34903df9f595f0cf2c275030395e908b011c559edff3ce3a1a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://honeypot.cx/ Response headers cf-cache-status DYNAMIC cf-ray 8dfd6830495f1c86-AMS access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=12514&sent=7&recv=13&lost=0&retrans=0&sent_bytes=3991&recv_bytes=2282&delivery_rate=319536&cwnd=254&unsent_bytes=0&cid=028e82120206f1a2&ts=105&x=0" content-length 12 date Sat, 09 Nov 2024 11:19:17 GMT content-type text/plain vary Origin server cloudflare
GET DATA	200 OK	truncated /	267 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 30e5a493b58689bd0978d18d6716c8c300122079d2e3199e74f8bab4cc89df3c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
POST H2	200	api Show response sol-network-monitor.com/	82 B 568 B	323ms 320ms	Fetch application/json	172.67.198.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sol-network-monitor.com/api Requested by Host: honeypot.cx URL: https://honeypot.cx/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.198.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2302720d075af16af742042f706e6b17624d56a52ef1bb015fe80070bfafabd5 Request headers key cqfjKxjtGJvXW0AA0LEtMnkM4jdYQFW8 Referer https://honeypot.cx/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC etag W/"52-Ibeh71kXpkIrUDpWzjQiXPSzWvM" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nq3kA1bvg7WOzpxGreSdIsEaPX1ouCTIs%2BLIZmzJ2hX3%2FYoMgGJHBZIuKyFHCizXA45DbKprSoBz4UDSGttYh7lg%2BgczADkPwlUfhLPYBGN0jfdzi40VeA48s3OTtLykl6UyuTFH%2FJl00A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dfd68334860a018-AMS access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=11797&sent=12&recv=20&lost=0&retrans=0&sent_bytes=5147&recv_bytes=4297&delivery_rate=351792&cwnd=256&unsent_bytes=0&cid=8f34c974fad1ae4c&ts=422&x=0" date Sat, 09 Nov 2024 11:19:18 GMT content-type application/json; charset=utf-8 x-powered-by Express server cloudflare
POST H2	200	api Show response sol-network-monitor.com/	234 B 675 B	351ms 349ms	Fetch application/json	172.67.198.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sol-network-monitor.com/api Requested by Host: honeypot.cx URL: https://honeypot.cx/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.198.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d334d237a2f1584715fe9b93d7ca1bd23b3b94d3aff032c349c7fd13249540c5 Request headers key cqfjKxjtGJvXW0AA0LEtMnkM4jdYQFW8 Referer https://honeypot.cx/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 content-type application/json Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC etag W/"ea-kpXRRBdfekZbxTSBau4IicBKifQ" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jz6yg3soHp5SOTaxrBsK5li7GWPGnpu0Wjuj4E%2B%2FyFxRfHfQXkYoBrcn2k4AO7%2BkDGEFfLZqAsPMEOhnH9E06u1amyuzve%2BMD44vPUlOedOCVQW1MPWula7SRTCK%2FQLo1PohH62NLcVGbQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8dfd68334861a018-AMS access-control-allow-origin * alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=12764&sent=14&recv=22&lost=0&retrans=0&sent_bytes=5781&recv_bytes=4297&delivery_rate=351792&cwnd=257&unsent_bytes=0&cid=8f34c974fad1ae4c&ts=455&x=0" date Sat, 09 Nov 2024 11:19:18 GMT content-type application/json; charset=utf-8 x-powered-by Express server cloudflare
OPTIONS H2	204	api sol-network-monitor.com/	0 0	148ms 28ms	Preflight	172.67.198.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sol-network-monitor.com/api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.198.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,key Access-Control-Request-Method POST Origin https://honeypot.cx Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,key access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dfd68331826a018-AMS content-length 0 date Sat, 09 Nov 2024 11:19:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZ64Urt5tFy2WgeQZ9FAWSzuO%2BcAnaicbf2wJHCMRsGzedUoAnOiQfb%2BybYlIQjWlkmMi480FUb2eYTyB3%2Bln7D5k4LG8ySSWBCYfnIJDkcNdVMBgeOcaF9PYZ2lnIqEpM%2BRxY20RVFaZA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=11801&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4038&recv_bytes=2311&delivery_rate=351792&cwnd=254&unsent_bytes=0&cid=8f34c974fad1ae4c&ts=103&x=0" vary Access-Control-Request-Headers x-powered-by Express
OPTIONS H2	204	api sol-network-monitor.com/	0 0	148ms 29ms	Preflight	172.67.198.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sol-network-monitor.com/api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.198.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,key Access-Control-Request-Method POST Origin https://honeypot.cx Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type,key access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dfd68331828a018-AMS content-length 0 date Sat, 09 Nov 2024 11:19:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6ZR8CJehQDJNuhXg5sGL46jVkDt31TTwk9ZkSCQXjF8JXcVgt1jFuKDCnxvrgQ5xqSpCvwHQTSYhAisc9Q6oujByyT9tnCEtGnLhsunf7FfQuzmzCMu6lUMSTKVrAVNeCj%2F5aBFmMyZLw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=11801&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4732&recv_bytes=2311&delivery_rate=351792&cwnd=254&unsent_bytes=0&cid=8f34c974fad1ae4c&ts=104&x=0" vary Access-Control-Request-Headers x-powered-by Express

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0xf7243 object| AB4h4L object| qHvBusI function| I7wLKUf function| CuZMfW function| P1Ujkd function| obi04o function| Yv21X2 string| jXec2r string| G_IrDS string| _kouvn9 string| VLoDzV string| TuTv86y string| N8_ueBt string| ayTsyG string| odKUg1 object| c1pfFc object| towYD0 string| eQtaOrQ object| jLGA2qy number| d0NpRE string| ez4qomc boolean| IwLXvV string| iz0NH81 function| FGNthpW function| hNqdTF object| fft_YkK number| dHKKOP object| ZqKsbP function| JPJwRo function| QWcKKM object| MxYFnfG object| AG3taa object| foveyik function| PbP9S6 function| N9tZSB function| MP_c1Hc function| _0x1b0c function| D1gmkdN function| t4UOJg function| AOXd6vR function| qvztgaD function| rfgR_Au function| WzEnM7E function| _0x4651 function| lgUg1NP function| D0TBUO object| utils object| 97e9658798a302b7620f07605644519abb20a834dcd17f48bf2f51c827c07fe0 object| NzI2LjY3Nzc1ODc3Mzg4ODJfMzM5OS41NTQ3NzQzNzQ3MjFfNjYyMS41NjM2NjMxODQwNDY object| NTIwLjkyNTIzNDU2MTYxMzFfNDk5NC40NTQyNTA0NTI1NjdfMjY1My40NzUyNTM5NzMwMTI function| savepage_ShadowLoader

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://honeypot.cx/(Line 18) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://honeypot.cx/(Line 18) Message: <link rel=preload> has an invalid `href` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
honeypot.cx
i.ibb.co
sol-network-monitor.com
104.26.12.205
162.19.58.156
172.67.198.143
188.114.96.3
133e1dc24e26c62426374410313a578cb2fed25c6974b4d0895dc87927c6a0c1
2302720d075af16af742042f706e6b17624d56a52ef1bb015fe80070bfafabd5
30e5a493b58689bd0978d18d6716c8c300122079d2e3199e74f8bab4cc89df3c
326d26494622141bc0d91d8bfe8a19532a1406f08ec572c6c8454105c85a48cd
3ee0100cbaadc34903df9f595f0cf2c275030395e908b011c559edff3ce3a1a9
48585e030037403b03be35ca8661f0ead9fd9301f145960f001c74e3827a7aab
d334d237a2f1584715fe9b93d7ca1bd23b3b94d3aff032c349c7fd13249540c5
e323682c31ae86bdda3adffbed9b40ccf1b0d5361df1c3c67c7a1e439ee226fa