Report - b895000.cc/

Report Overview

Submitted URL
b895000.cc/
IP
144.48.83.25
ASN
#138995 Antbox Networks Limited
Submitted
2024-05-09 17:28:21
Access
public
Website Title
b89588.com/
Final URL
b89588.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
b895000.cc	unknown	2024-02-22	2024-02-22	2024-02-25	381 B	159 B	144.48.83.154
bet895.bet	unknown	unknown	No data	No data	465 B	177 B	185.121.169.100
img2.thethsdnadagvx.com	unknown	2022-07-07	2023-08-21	2024-01-18	1.9 kB	200 kB	172.67.168.33
b89588.com	unknown	unknown	No data	No data	8.6 kB	596 kB	185.121.169.101

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	b895000.cc/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365
2024-05-06	medium	b89588.com/	Bet365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	b89588.com/xss/download/tp04/js/pageHook.js?v=2023040	1.9 kB	2024-04-02	2024-05-10
Pretty URL b89588.com/xss/download/tp04/js/pageHook.js?v=2023040 IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:47:19 Last Seen2024-05-10 02:58:07 Times Seen8 Hash bba26e61e42fd947f6c39374a1803931 7cc6b9b4a85ec08fe076a2124322320b3cd0f629 c241c7ff4beb37e947e124b866df14356bc5fd459a309acc544fe54eeee35ffb Loading...

	b89588.com/xss/script/jquery.min.js?v=2023040	96 kB	2023-03-07	2024-05-20
Pretty URL b89588.com/xss/script/jquery.min.js?v=2023040 IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:11 Last Seen2024-05-20 10:14:45 Times Seen15752 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	b89588.com/xss/download/common/tempo.min.js?v=2023040	12 kB	2023-08-11	2024-05-10
Pretty URL b89588.com/xss/download/common/tempo.min.js?v=2023040 IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 00:35:09 Last Seen2024-05-10 02:58:07 Times Seen10 Hash 81b2531edf469e6c2707a2e05c5dc7c2 584da6d970043337ba70fe7171673933ed8806cb 532e68f1b7b852ee680366a68910bb5318ed801b28b6dee1904c6be30c09ddb9 Loading...

	b89588.com/xss/download/common/utils.js?v=2023040	6.2 kB	2024-04-02	2024-05-10
Pretty URL b89588.com/xss/download/common/utils.js?v=2023040 IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:47:19 Last Seen2024-05-10 02:58:07 Times Seen8 Hash 32a0196013dddfcb13e69dbc7ce0dc9c a947111063075873bd36a12f070a6a368d48b378 4e2e7641ffa68169a53f9634fdb30c468492ffe61e5521e19c32dbfdb6a5cd81 Loading...

	b89588.com/xss/script/jquery.i18n.properties.js?v=2023040	22 kB	2024-04-02	2024-05-10
Pretty URL b89588.com/xss/script/jquery.i18n.properties.js?v=2023040 IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:47:19 Last Seen2024-05-10 02:58:07 Times Seen8 Hash b741058928bdc6e307257f082dd99024 3f22d15fb7e1bc4f1ff93ab423143e9e3299e1b2 1c76de73bdf9aaecef3518c7353a990c557b9fa7f95aca2f8130c6cd2740195d Loading...

	b89588.com/xss/download/tp04/js/main.js?v=2023040	1.2 kB	2024-04-02	2024-05-10
Pretty URL b89588.com/xss/download/tp04/js/main.js?v=2023040 IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 06:47:19 Last Seen2024-05-10 02:58:07 Times Seen8 Hash dfa831bb886c3426011da7647c92e76e 64cee9e798ecaf06227a389b0ac1d0f00627127a 507da1be223e4d40dbb80d7375bdcd25daa8ec77d705712ccf8f8b59529e425c Loading...

	b89588.com/	0 B	2023-03-07	2024-05-20
Pretty URL b89588.com/ IP 185.121.169.101 ASN #138995 Antbox Networks Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 13:58:08 Times Seen37876225 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 46944c51837b00a177bb3609a11e0af6	17 kB	2023-03-07	2024-05-10
Pretty Observations First Seen2023-03-07 15:42:43 Last Seen2024-05-10 02:58:07 Times Seen8 Hash 46944c51837b00a177bb3609a11e0af6 fa20aff3b8d420a4bbec568fc56bb305562e8d35 2f9e981621bf040bd61dd1044f9e6bb5986208807618281f8d6705318ec817a9 Loading...

	#2 Eval - 865c0c0b4ab0e063e5caa3387c1a8741	1 B	2023-03-07	2024-05-10
Pretty Observations First Seen2023-03-07 12:09:42 Last Seen2024-05-10 02:58:07 Times Seen240 Hash 865c0c0b4ab0e063e5caa3387c1a8741 042dc4512fa3d391c5170cf3aa61e6a638f84342 de7d1b721a1e0632b7cf04edf5032c8ecffa9f9a08492152b926f1a5a7e765d7 Loading...

	#3 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 13:58:08 Times Seen37876225 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (25)

URL IP Response Size

b895000.cc/

144.48.83.154

307 Temporary Redirect

0 B

URL User Request GET HTTP/1.1
b895000.cc/
IP
144.48.83.154:80
ASN
#138995 Antbox Networks Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET / HTTP/1.1
Host: b895000.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Content-Type: text/html; charset=utf-8
Location: http://bet895.bet/
Date: Thu, 09 May 2024 17:27:56 GMT
Content-Length: 0

bet895.bet/

185.121.169.100

307 Temporary Redirect

0 B

URL User Request GET HTTP/2
bet895.bet/
IP
185.121.169.100:443
ASN
#138995 Antbox Networks Limited

Certificate
IssuerLet's Encrypt
Subjectbet895.vip
FingerprintAF:30:FA:9B:57:AC:14:B0:84:5B:A2:3B:95:E7:34:7A:5F:91:04:86
ValiditySat, 06 Apr 2024 16:02:45 GMT - Fri, 05 Jul 2024 16:02:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: bet895.bet
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
content-type: text/html; charset=utf-8
location: https://b89588.com
content-length: 0
date: Thu, 09 May 2024 17:27:58 GMT
X-Firefox-Spdy: h2

img2.thethsdnadagvx.com/gameplat-cms/d75549f2-45f2-481d-bfa8-b647490109bd.png

172.67.168.33

192 kB

URL GET
img2.thethsdnadagvx.com/gameplat-cms/d75549f2-45f2-481d-bfa8-b647490109bd.png
IP
172.67.168.33:0
ASN
#13335 CLOUDFLARENET

Requested by
https://b89588.com/
Certificate
IssuerCloudflare, Inc.
Subjectthethsdnadagvx.com
FingerprintD0:59:40:20:CB:0D:B0:03:C5:4B:93:D7:39:6D:DE:C5:76:F3:4A:26
ValidityTue, 30 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
192 kB (192091 bytes)
Hash
2c433e17fbbb00d884e7546be9689e37
b8e3265ccb03d783bccc6fc23b9192a1331cdf29
485379a0f96261fc7fffdf86203ff382453264ed598b9e67ebf4294830de7e1a

HTTP Headers

GET /gameplat-cms/d75549f2-45f2-481d-bfa8-b647490109bd.png HTTP/1.1
Host: img2.thethsdnadagvx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 17:27:59 GMT
content-type: image/png
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"dcbcd83fb275c2fc2f29359116a70b03"
last-modified: Wed, 03 Jan 2024 14:12:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: d9b602680ee2ed5df806be630bacf98432e6305614eb4f8377eb5d27a8dc0b35
x-amz-request-id: 17CCCC324BFA0189
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 4618
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=keBaWBhb07e%2BwBb2wr3sXV1VgD3p0h0cpKEgH7y67VwgKoidEz2CQJSPpqirSrLOdg%2B11gUdTQuMPqc3fabyaFTkY8LRjMWUpXnaSb7XZz%2FoohIHRdoG34pyQJszXFLk0gQuDRPkYLWoOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881367474bcf56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/css/reset.css?v=2023040

185.121.169.101

200 OK

1.2 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/css/reset.css?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
CSV text
Size
1.2 kB (1220 bytes)
Hash
53716944980fe9dd9d6ac60a05769189
bb14497ad9dba17e383275a5512bcc77a7c22a4a
5abbd993158cc7b1771bad5fac9ca41e20eb31059297d88c6d5d51dba7c175e1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/css/reset.css?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: text/css
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 1220
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/css/style.css?v=2023040

185.121.169.101

200 OK

17 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/css/style.css?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
Unicode text, UTF-8 text
Size
17 kB (16651 bytes)
Hash
eee751aba0daf80329bd01b55ae95a10
de3b874777b4abdb480c2311641472c8f5e7ef65
a2101dd92784f4ec4a2dfa17f66663135a121ca3fdf4a6011718ac7ea8b607d3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/css/style.css?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: text/css
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 16651
X-Firefox-Spdy: h2

b89588.com/xss/css/loading.css?v=2023040

185.121.169.101

200 OK

1.9 kB

URL GET HTTP/2
b89588.com/xss/css/loading.css?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
ASCII text
Size
1.9 kB (1876 bytes)
Hash
12a40c9903237ef4bc94ec051fbaf3b6
784fe29a7779f0d128d00b88dfb0acca3fd5aaa8
1af6febf41f3039f9ed004994d6fe85e4c7e3e0949c3a006caf74138d20ebbd0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/css/loading.css?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: text/css
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 1876
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/img/left_line.png

185.121.169.101

200 OK

3.4 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/img/left_line.png
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
PNG image data, 437 x 42, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3369 bytes)
Hash
c68c208414cbb8db6cc8e38e1e4781ae
9f2a3a039fe4f34f231848778b6fcbc0dc3b2515
c5cd42d7bc1a4b250a85976272f6054fc3e1a59ad89734c472f35dc686aa1f30

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/img/left_line.png HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: image/png
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 3369
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/img/right_line.png

185.121.169.101

200 OK

3.5 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/img/right_line.png
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
PNG image data, 437 x 42, 8-bit/color RGBA, non-interlaced
Size
3.5 kB (3500 bytes)
Hash
988f2e91eb4518fbe986783f20e70c36
19a93281a4e4670ed06005d4a12eac7b20cf1c20
cd0fd6677c39cd6d11213811c376598e7efd0e7ba8060508d8de5ba232aabe11

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/img/right_line.png HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: image/png
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 3500
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/img/green/btn_home.png

185.121.169.101

200 OK

3.0 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/img/green/btn_home.png
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
PNG image data, 84 x 84, 8-bit colormap, non-interlaced
Size
3.0 kB (3037 bytes)
Hash
0cb9beb7cbc1e7eac7f2187d772d580b
30adef9272fc09d43c505f9c22b8366c67ec698e
6fc744842c9a353156834990bcc8bf934f9191cd32b560dee11e583cbe916fa2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/img/green/btn_home.png HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: image/png
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 3037
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/img/green/btn_down.png

185.121.169.101

200 OK

2.2 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/img/green/btn_down.png
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
PNG image data, 84 x 84, 8-bit colormap, non-interlaced
Size
2.2 kB (2243 bytes)
Hash
422f55d5439b4fa6e81034ac58bf70b2
71f5986ca34ac18700386a22e0f37ec86a2ea23f
67063829354c1637b30b3c690b40199c9794a0552ead5d5351d0b25c05aaafd9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/img/green/btn_down.png HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: image/png
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 2243
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/img/green/btn_cs.png

185.121.169.101

200 OK

2.9 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/img/green/btn_cs.png
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
PNG image data, 84 x 84, 8-bit colormap, non-interlaced
Size
2.9 kB (2913 bytes)
Hash
1bf2ee1e16ce696e112a904d1d6c0a63
2ff890996681bf588eab13cb794e713a927674e4
fe95f1f6d406da91e3d1757c94ae9a5df2c0be7127fba8229f5e2c083397b804

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/img/green/btn_cs.png HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: image/png
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 2913
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/js/main.js?v=2023040

185.121.169.101

200 OK

1.2 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/js/main.js?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
JavaScript source, ASCII text
Size
1.2 kB (1210 bytes)
Hash
dfa831bb886c3426011da7647c92e76e
64cee9e798ecaf06227a389b0ac1d0f00627127a
507da1be223e4d40dbb80d7375bdcd25daa8ec77d705712ccf8f8b59529e425c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/js/main.js?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/javascript
date: Thu, 09 May 2024 17:14:21 GMT
etag: "1715274861"
expires: Fri, 10 May 2024 17:14:21 GMT
last-modified: Thu, 09 May 2024 17:14:21 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 1210
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/js/pageHook.js?v=2023040

185.121.169.101

200 OK

1.9 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/js/pageHook.js?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
C++ source, Unicode text, UTF-8 text
Size
1.9 kB (1901 bytes)
Hash
bba26e61e42fd947f6c39374a1803931
7cc6b9b4a85ec08fe076a2124322320b3cd0f629
c241c7ff4beb37e947e124b866df14356bc5fd459a309acc544fe54eeee35ffb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/js/pageHook.js?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/javascript
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 1901
X-Firefox-Spdy: h2

b89588.com/xss/download/common/tempo.min.js?v=2023040

185.121.169.101

200 OK

12 kB

URL GET HTTP/2
b89588.com/xss/download/common/tempo.min.js?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
JavaScript source, ASCII text, with very long lines (12204), with no line terminators
Size
12 kB (12204 bytes)
Hash
81b2531edf469e6c2707a2e05c5dc7c2
584da6d970043337ba70fe7171673933ed8806cb
532e68f1b7b852ee680366a68910bb5318ed801b28b6dee1904c6be30c09ddb9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/common/tempo.min.js?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/javascript
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 12204
X-Firefox-Spdy: h2

b89588.com/xss/download/common/utils.js?v=2023040

185.121.169.101

200 OK

6.2 kB

URL GET HTTP/2
b89588.com/xss/download/common/utils.js?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
Unicode text, UTF-8 text
Size
6.2 kB (6201 bytes)
Hash
32a0196013dddfcb13e69dbc7ce0dc9c
a947111063075873bd36a12f070a6a368d48b378
4e2e7641ffa68169a53f9634fdb30c468492ffe61e5521e19c32dbfdb6a5cd81

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/common/utils.js?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/javascript
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 6201
X-Firefox-Spdy: h2

b89588.com/xss/script/jquery.i18n.properties.js?v=2023040

185.121.169.101

200 OK

22 kB

URL GET HTTP/2
b89588.com/xss/script/jquery.i18n.properties.js?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
JavaScript source, ASCII text
Size
22 kB (21972 bytes)
Hash
b741058928bdc6e307257f082dd99024
3f22d15fb7e1bc4f1ff93ab423143e9e3299e1b2
1c76de73bdf9aaecef3518c7353a990c557b9fa7f95aca2f8130c6cd2740195d

HTTP Headers

GET /xss/script/jquery.i18n.properties.js?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/javascript
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715269867"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 15:51:07 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 21972
X-Firefox-Spdy: h2

b89588.com/xss/script/jquery.min.js?v=2023040

185.121.169.101

200 OK

96 kB

URL GET HTTP/2
b89588.com/xss/script/jquery.min.js?v=2023040
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
96 kB (95992 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /xss/script/jquery.min.js?v=2023040 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/javascript
date: Thu, 09 May 2024 15:51:07 GMT
etag: "1715274400"
expires: Fri, 10 May 2024 15:51:07 GMT
last-modified: Thu, 09 May 2024 17:06:40 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, memory
x-proxy-cache: HIT
content-length: 95992
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/img/bg.png

185.121.169.101

200 OK

405 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/img/bg.png
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
PNG image data, 3840 x 2160, 8-bit colormap, non-interlaced
Size
405 kB (405446 bytes)
Hash
1059411dae14a407d1a47f9aad2a9a9c
0e33209fbdcc718f9232230c3fa5cce789ce3cf0
ca2784354984e8f864ca55597ae67aa3a358f321f21f3e9e4cd95c9f65aa2ee4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /xss/download/tp04/img/bg.png HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: image/png
date: Thu, 09 May 2024 15:51:08 GMT
etag: "1715269868"
expires: Fri, 10 May 2024 15:51:08 GMT
last-modified: Thu, 09 May 2024 15:51:08 GMT
server: openresty
vary: Access-Control-Request-Headers
x-cache: HIT, policy, disk
x-proxy-cache: HIT
content-length: 405446
X-Firefox-Spdy: h2

b89588.com/api/download/getDownloadInfo?recommendCode=b89588.com&mark=1

185.121.169.101

200 OK

806 B

URL GET HTTP/2
b89588.com/api/download/getDownloadInfo?recommendCode=b89588.com&mark=1
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
JSON text data
Size
806 B (806 bytes)
Hash
5c9df5fc84db0c6fc6158128a0e6b88f
442e149dc48ea7be855e341d8a4362b542395361
942b18f47ba23b7682c25577e4dc4a13bb20bd7f4d2e8f2fc424a701c94aa96e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET /api/download/getDownloadInfo?recommendCode=b89588.com&mark=1 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/json;charset=UTF-8
date: Thu, 09 May 2024 17:28:01 GMT
server: openresty
x-cache: BYPASS
content-length: 806
X-Firefox-Spdy: h2

b89588.com/xss/download/tp04/i18n/messages.properties?_=1715275681450

185.121.169.101

200 OK

420 B

URL GET HTTP/2
b89588.com/xss/download/tp04/i18n/messages.properties?_=1715275681450
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
ISO-8859 text
Size
420 B (420 bytes)
Hash
98e8eff7c4389466dd2fb9d523029bda
d6b304928f132dcb2936164447a477934d5aa55a
126da55f34ddefb0cbd16a0f43e0dc5509b11ad6976ab0485f70d979cbf90fa1

HTTP Headers

GET /xss/download/tp04/i18n/messages.properties?_=1715275681450 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/octet-stream
date: Thu, 09 May 2024 17:28:01 GMT
expires: Fri, 10 May 2024 17:28:01 GMT
last-modified: Sun, 28 Apr 2024 10:16:39 GMT
server: openresty
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: BYPASS
x-proxy-cache: MISS
content-length: 420
X-Firefox-Spdy: h2

img2.thethsdnadagvx.com/gameplat-cms/da6ca97e-6aa2-41d1-a1c4-1b708afedeac.png

172.67.168.33

200 OK

3.7 kB

URL GET HTTP/3
img2.thethsdnadagvx.com/gameplat-cms/da6ca97e-6aa2-41d1-a1c4-1b708afedeac.png
IP
172.67.168.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://b89588.com/
Certificate
IssuerCloudflare, Inc.
Subjectthethsdnadagvx.com
FingerprintD0:59:40:20:CB:0D:B0:03:C5:4B:93:D7:39:6D:DE:C5:76:F3:4A:26
ValidityTue, 30 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
3.7 kB (3691 bytes)
Hash
0ef62107b2f6c16bc0468cd9b62d791f
d796dacf5dc75bd05b5e9d6698f4cbebb6881d6b
0c19664d4ebefc56d8ac9077403838ca2b26b8968ac2a0ebed81fcb1488171be

HTTP Headers

GET /gameplat-cms/da6ca97e-6aa2-41d1-a1c4-1b708afedeac.png HTTP/1.1
Host: img2.thethsdnadagvx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 17:28:02 GMT
content-type: image/png
content-length: 3691
etag: "0ef62107b2f6c16bc0468cd9b62d791f"
last-modified: Wed, 03 Jan 2024 12:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: 891cc6e2d9f1c35b2c12c8a4e476b4a5ca09deccda9e25248c850b9912710f3d
x-amz-request-id: 17CDC4E0DF3B29B1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Ppw5lkFc5tapLoiSabwi5w5WIxn8Wp8MEnh3129pAD1WnJzxURiM3BvQxY1pN%2FbejqlHYrGljXWQVA4vLVjXLf%2FMDDzozCW%2BhGgNRAv1qtTq0VM8lpy8b5GGzeAEbykHhptlWXxWyngbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881367513fbd56ae-OSL
alt-svc: h3=":443"; ma=86400

b89588.com/xss/download/tp04/i18n/messages_zh.properties?_=1715275681451

185.121.169.101

200 OK

1.1 kB

URL GET HTTP/2
b89588.com/xss/download/tp04/i18n/messages_zh.properties?_=1715275681451
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Requested by
https://b89588.com/
Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
ASCII text, with very long lines (708)
Size
1.1 kB (1051 bytes)
Hash
089d8681addcb6c82b883f05fa4a4f8e
97923eac117a65f9367eb45fcd39937150ba09ab
4c5d6d76717436a57e46aeda5e3af07b4df51ba16529521ec1e9c5de235a3f55

HTTP Headers

GET /xss/download/tp04/i18n/messages_zh.properties?_=1715275681451 HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/plain, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=86400
content-type: application/octet-stream
date: Thu, 09 May 2024 17:28:02 GMT
expires: Fri, 10 May 2024 17:28:02 GMT
last-modified: Sun, 28 Apr 2024 10:16:39 GMT
server: openresty
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-cache: BYPASS
x-proxy-cache: MISS
content-length: 1051
X-Firefox-Spdy: h2

img2.thethsdnadagvx.com/gameplat-cms/9f6c90f7-83a5-40f9-961a-f3c60e568c8c.png

0.0.0.0

0 B

URL GET
img2.thethsdnadagvx.com/gameplat-cms/9f6c90f7-83a5-40f9-961a-f3c60e568c8c.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://b89588.com/
Certificate
IssuerCloudflare, Inc.
Subjectthethsdnadagvx.com
FingerprintD0:59:40:20:CB:0D:B0:03:C5:4B:93:D7:39:6D:DE:C5:76:F3:4A:26
ValidityTue, 30 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gameplat-cms/9f6c90f7-83a5-40f9-961a-f3c60e568c8c.png HTTP/1.1
Host: img2.thethsdnadagvx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 17:28:00 GMT
content-type: image/png
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"e7cb5ee9f30672a53b2f7495d4e42630"
last-modified: Wed, 03 Jan 2024 12:51:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 891cc6e2d9f1c35b2c12c8a4e476b4a5ca09deccda9e25248c850b9912710f3d
x-amz-request-id: 17CDCEB9464D1500
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8M6ThSmQHkrGgQajmlbyc81jJPe%2Bp4LuW%2B3D8sNI3c0tMXgd610MtAv9aenL5at5B85azHfVhIZxK%2FEVihr8oA%2Fit5MDzzVtGDjZlijmhp9wrgBR13IY1L1bd8oQk4FQt9z%2BYZ1bRyIdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881367474bde56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img2.thethsdnadagvx.com/gameplat-cms/ab80663a-70ea-4a96-ba7d-2f60c1b1c65f.png

0.0.0.0

0 B

URL GET
img2.thethsdnadagvx.com/gameplat-cms/ab80663a-70ea-4a96-ba7d-2f60c1b1c65f.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://b89588.com/
Certificate
IssuerCloudflare, Inc.
Subjectthethsdnadagvx.com
FingerprintD0:59:40:20:CB:0D:B0:03:C5:4B:93:D7:39:6D:DE:C5:76:F3:4A:26
ValidityTue, 30 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gameplat-cms/ab80663a-70ea-4a96-ba7d-2f60c1b1c65f.png HTTP/1.1
Host: img2.thethsdnadagvx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://b89588.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 17:28:00 GMT
content-type: image/png
vary: Accept-Encoding, Origin, Accept-Encoding
etag: W/"f09094a8e991320891def0f6fcdbdf62"
last-modified: Thu, 11 Jan 2024 12:22:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: 891cc6e2d9f1c35b2c12c8a4e476b4a5ca09deccda9e25248c850b9912710f3d
x-amz-request-id: 17CDCEB946CD6243
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPOgm9jiut83MwMyNxiojfasFsZwGcc9W2KvvlKKwldznj1Yth%2F3P9AXH0l12x7xDY%2BtiLSRyojrKPp2I9T9xdGJdt3QYwe7uxWDBWvR72gbq1U1RAN9%2B8g4e%2BejqdqKfmPNotMnQkRGog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881367474bd856b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

b89588.com/

185.121.169.101

200 OK

7.0 kB

URL User Request GET HTTP/2
b89588.com/
IP
185.121.169.101:443
ASN
#138995 Antbox Networks Limited

Certificate
IssuerLet's Encrypt
Subjectb89500.com
Fingerprint7B:EB:92:DB:7D:04:15:00:A1:42:71:63:2E:DA:03:06:9D:FC:95:A7
ValidityThu, 22 Feb 2024 08:16:18 GMT - Wed, 22 May 2024 08:16:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7314), with no line terminators
Size
7.0 kB (7029 bytes)
Hash
62b3430dadf671c34701a319366e1427
04d2c2a9ec965fb79aa267267784487d32f20915
8328ae47b8397a1f9afa432cf70a023fe10b9a064f37bcd431f2a3e95d94bdc9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Bet365

HTTP Headers

GET / HTTP/1.1
Host: b89588.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
content-language: en-US
content-type: text/html;charset=utf-8
date: Thu, 09 May 2024 17:27:59 GMT
server: openresty
x-cache: BYPASS
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations