Report - aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var

Report Overview

Submitted URL
aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
IP
104.21.14.97
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 08:17:47
Access
public
Website Title
Participate in Our Exclusive Online Survey: Share Your Insight
Final URL
aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
aipsouft.com	unknown	2024-02-16	2024-02-16	2024-03-23	15 kB	297 kB	104.21.14.97
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-03	507 B	479 B	139.45.197.250
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-03	455 B	737 B	139.45.195.8
arleavannya.com	unknown	2024-01-22	2024-01-22	2024-05-01	1.0 kB	1.4 kB	139.45.197.248

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	arleavannya.com	Sinkholed
2024-05-04	medium	arleavannya.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	amunfezanttor.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed
2024-05-04	medium	aipsouft.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	aipsouft.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js	661 B	2024-04-30	2024-05-08
Pretty URL aipsouft.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:34:30 Last Seen2024-05-08 10:54:27 Times Seen183 Hash 277a97cfa8751f2eac57de60434b437b 9834fe466692865ccbe9a6aed4b57b0a0947aba3 f157395e1d5a2d7f75b801b761e419e990275ffefe3f7a768fbb51ea52d24ef7 Loading...

	aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js	1.6 kB	2024-04-30	2024-05-07
Pretty URL aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 19:35:37 Last Seen2024-05-07 09:27:07 Times Seen165 Hash 9b0be0ca64dfcd3470105849ad852e52 686f12cc573767f7acf2253656af0a1930712f02 1eac21475ce5b24fa4383c5e0e2f67c5823986fa2297184968ba91fb0297c6b6 Loading...

	aipsouft.com/_next/static/chunks/4080.09c67f76e57da5c9.js	11 kB	2024-04-30	2024-05-04
Pretty URL aipsouft.com/_next/static/chunks/4080.09c67f76e57da5c9.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 00:46:38 Last Seen2024-05-04 10:17:48 Times Seen6 Hash 53f745e63b231a1aeec5b1d00d910226 98ef9089909b0677606de6c240c4222ef2a3730d 60ee081afdc42175515ae8683e1a7c389cc7765ba02c5d008d06838eea955e36 Loading...

	aipsouft.com/_next/static/chunks/webpack-c63afe4326372fa8.js	6.3 kB	2024-04-30	2024-05-07
Pretty URL aipsouft.com/_next/static/chunks/webpack-c63afe4326372fa8.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 16:25:07 Last Seen2024-05-07 09:27:07 Times Seen164 Hash 6755b063bbe76414a7e1ae9cbbcb06c3 837fa01eee3bad11e2c839e1c34d360f15a65350 9298d7a0dcbc9bc7c6c8cd105543200fdeca2bc827bf03600e9257151e926416 Loading...

	aipsouft.com/_next/static/chunks/framework-8940d626f3bfb7e9.js	26 kB	2024-04-25	2024-05-18
Pretty URL aipsouft.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 15:50:08 Last Seen2024-05-18 08:20:04 Times Seen789 Hash 33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555 Loading...

	aipsouft.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js	67 kB	2024-04-30	2024-05-07
Pretty URL aipsouft.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 19:35:37 Last Seen2024-05-07 09:27:07 Times Seen221 Hash 8288efc1729193ab69e39ae227fb924b b6cda864edfa8126c902b5de80229790a6f9be15 070ce71e2510a99695b81a839821823ddf3b49213f166212641fcf98adfef3f4 Loading...

	aipsouft.com/_next/static/chunks/86.1605512c42332a2f.js	2.8 kB	2024-04-24	2024-05-18
Pretty URL aipsouft.com/_next/static/chunks/86.1605512c42332a2f.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 15:40:39 Last Seen2024-05-18 05:40:38 Times Seen457 Hash 4454dd8d20da57e5b4febc37bbc817c4 444023ea84fd9aaebd6126ddc692ef85dfd2b76b 67e0c13ad56e50a9388106a54d2e16a566b8aeba3e2b69b08c3accef0c522cd8 Loading...

	aipsouft.com/_next/static/chunks/5057.48c7d5a8740ee05f.js	3.3 kB	2024-04-14	2024-05-04
Pretty URL aipsouft.com/_next/static/chunks/5057.48c7d5a8740ee05f.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-14 22:24:12 Last Seen2024-05-04 10:17:47 Times Seen24 Hash ebaf4ad232569f63125adc3fb15e429d 0ccd7de1dbd267c32350e2a5e140edb7850f38f9 c46599211e04922a13ffdc04ea36e039ab9cf29b28d31c03003d9ab63ff01faf Loading...

	aipsouft.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000	37 kB	2024-04-25	2024-05-15
Pretty URL aipsouft.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000 IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

	aipsouft.com/_next/static/chunks/main-beb6af9e60a8e042.js	109 kB	2024-03-02	2024-05-18
Pretty URL aipsouft.com/_next/static/chunks/main-beb6af9e60a8e042.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 21:14:49 Last Seen2024-05-18 05:40:38 Times Seen692 Hash 49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4 Loading...

	aipsouft.com/_next/static/chunks/7903-dd238946c7924507.js	32 kB	2024-03-21	2024-05-18
Pretty URL aipsouft.com/_next/static/chunks/7903-dd238946c7924507.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-21 14:18:29 Last Seen2024-05-18 08:20:04 Times Seen905 Hash b5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5 Loading...

	aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js	182 B	2024-04-18	2024-05-13
Pretty URL aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:58:16 Last Seen2024-05-13 15:57:50 Times Seen453 Hash d78f02cd11637a888af548f5e270c3af 9c90b573305ec9d6d2e7e74837c641a863d991b4 2357fd3fc3972384c0c7a714da244191da43a7bf5d91fd865a30d2deb0b6b517 Loading...

	aipsouft.com/_next/static/chunks/2734.6269ca0cf725ea17.js	4.1 kB	2024-04-24	2024-05-18
Pretty URL aipsouft.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 10:54:43 Last Seen2024-05-18 08:20:04 Times Seen481 Hash 48072be51722d2894982d56f13a52372 c1fbbdcb8b12079d61205284dec041f93390f47b b0ab49765bb74cdb8c46c171f3adad413e1934203046a3ca23d4872c892894d5 Loading...

	aipsouft.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js	42 kB	2024-04-26	2024-05-07
Pretty URL aipsouft.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 14:10:32 Last Seen2024-05-07 09:27:07 Times Seen378 Hash 92ee35a274faa2df0c68f0def06a750e 8131ecf1752dbf3591bf213855896b2618f48734 47929dce053ec819a11270e42aaff07b95e02ee29513b8f5b73cf75f6cdeddd5 Loading...

	aipsouft.com/_next/static/chunks/2090-519478c186a3d867.js	11 kB	2024-04-25	2024-05-15
Pretty URL aipsouft.com/_next/static/chunks/2090-519478c186a3d867.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 23:22:30 Last Seen2024-05-15 16:30:11 Times Seen724 Hash 37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37 Loading...

	aipsouft.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js	925 B	2024-04-09	2024-05-07
Pretty URL aipsouft.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 23:02:31 Last Seen2024-05-07 09:27:07 Times Seen256 Hash 3d657d2d17983fccaac3b0512a0f9460 06faa560e966627855c424e23fbb0bb5aadde083 b9e3997d6a87385dd604b65dfa962fe50944dfc158c2e82c945d6b8664e2f81e Loading...

	aipsouft.com/_next/static/chunks/3091.8141ef861c4fae96.js	2.4 kB	2024-04-24	2024-05-15
Pretty URL aipsouft.com/_next/static/chunks/3091.8141ef861c4fae96.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 20:44:14 Last Seen2024-05-15 10:39:48 Times Seen416 Hash 8de4ecfc18371e9af83a020ad48a4839 f4cfd9509facd189f8e3487426a36cecfc77c090 954601b08c55f3c2e1c2a0a766e31a55e18b3ee0f6213cd1761decd4e4715f64 Loading...

	aipsouft.com/_next/static/chunks/810.3c8446ab4166aeac.js	3.0 kB	2024-04-26	2024-05-07
Pretty URL aipsouft.com/_next/static/chunks/810.3c8446ab4166aeac.js IP 104.21.14.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 17:40:57 Last Seen2024-05-07 09:27:07 Times Seen220 Hash 61131b8a333b875509fbe8f240ff4d62 93b25ff9783f3321a0408cdf69f686f6c439dec0 b01211f54977d65f26a1cf9dd30c9c4e251ad34fc09cfb176259b40af4f0f83d Loading...

HTTP Transactions (30)

URL IP Response Size

my.rtmark.net/gid.js?userId=poelqyeyq72ilyuuj3ryj2ng6bk0cd

139.45.195.8

200 OK

63 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=poelqyeyq72ilyuuj3ryj2ng6bk0cd
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
63 B (63 bytes)
Hash
a2a453434b6872d73fad284dee55d092
b222b56707388047ff4261bcfe67d7789d1c1351
14809ff6711d4612e230cb15387299637a03debee037363190e74c04293f3980

HTTP Headers

GET /gid.js?userId=poelqyeyq72ilyuuj3ryj2ng6bk0cd HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/json; charset=utf-8
content-length: 63
access-control-allow-origin: https://aipsouft.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; expires=Sun, 04 May 2025 08:17:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

arleavannya.com/sync-metrics

139.45.197.248

200 OK

0 B

URL POST HTTP/2
arleavannya.com/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47
ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://aipsouft.com/
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-length: 0
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

arleavannya.com/sync-metrics

139.45.197.248

200 OK

17 B

URL POST HTTP/2
arleavannya.com/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47
ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT

File type
JSON text data
Size
17 B (17 bytes)
Hash
5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/
Content-Type: application/json
Content-Length: 313
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 4d74d1226f1629ffec47b0107d9861bc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

aipsouft.com/track?dry=false&request_var=810536962338599444&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&var=6587617&var_3=8120249&var_4=&variable2=&ymid=810536962338599444&z=6587617&offer_id=2

104.21.14.97

204 No Content

0 B

URL GET HTTP/3
aipsouft.com/track?dry=false&request_var=810536962338599444&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&var=6587617&var_3=8120249&var_4=&variable2=&ymid=810536962338599444&z=6587617&offer_id=2
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track?dry=false&request_var=810536962338599444&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&var=6587617&var_3=8120249&var_4=&variable2=&ymid=810536962338599444&z=6587617&offer_id=2 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
DNT: 1
Connection: keep-alive
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 04 May 2024 08:17:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://aipsouft.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0S5f97weakhrjW6Ik3RL7qtk31sFVTspoYavxqF7u0KDZSo01DgVwTCqnObX4yZl%2FKOVEdIXauAW8qge6Ym3NQtrPffaT69L0oO9G5Y2ePNjSvOpXNSF7hIiWWBTwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd28c4c569c-OSL
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/main-beb6af9e60a8e042.js

104.21.14.97

200 OK

34 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/main-beb6af9e60a8e042.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (34089 bytes)
Hash
49c6f57370e917bd37dc7d4d4d0bdb56
f5b56f5b9498f3500055c5614808903d85303991
0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"6631038c-1a957"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFj77kHpSy%2BW6ZpDQYdIPhBC%2Fb1bKG6mJxJkujnb%2BHqbKU3w%2FZvVhL4asTvEWNAuogBVdfXVfJUgY8BZli0UV2wiMnRe7o1Hv8um%2Fsp3gfpipWt2yNum6kSTxJ98MM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b4569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://aipsouft.com/
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

aipsouft.com/custom

104.21.14.97

200 OK

136 B

URL POST HTTP/3
aipsouft.com/custom
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JSON text data
Size
136 B (136 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 385
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: a233b178cd4860af0237c24812000047
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uA8EkGNe3vFv65Lo6PnuopdP4Z4KbZaJ0UH1rOMjUSvLlkv9s7RbcQxE8WAtTJ6Gub9PYHzkDyfyjQWA0FE%2BX6u3e8XkO9xjQm0f8pPwbqwFCzJTQmEfJ5I0gqldIfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd35d27569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/810.3c8446ab4166aeac.js

104.21.14.97

200 OK

1.5 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/810.3c8446ab4166aeac.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (2997), with no line terminators
Size
1.5 kB (1544 bytes)
Hash
61131b8a333b875509fbe8f240ff4d62
93b25ff9783f3321a0408cdf69f686f6c439dec0
b01211f54977d65f26a1cf9dd30c9c4e251ad34fc09cfb176259b40af4f0f83d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/810.3c8446ab4166aeac.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-bb5"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnG4gd3RM9NPHtX05iLrZVirPC86VMl4xlr1DJxO3Fs%2FN1sMPEFBn73ZnxNy5bIoLI4PMHtDUFfYzjv9eXC9D2nK1mgv2kOonJGAg4gG0hr3Y2801in%2Fg9fACiugn2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af1569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/2090-519478c186a3d867.js

104.21.14.97

200 OK

4.4 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/2090-519478c186a3d867.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (10752), with no line terminators
Size
4.4 kB (4427 bytes)
Hash
37545926cc9a6e537b9f3e95d7a16c1e
c3cbfe1f9737817eda25770274e97feaf6b8cc68
d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-2a00"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJ%2FtOWTxNVjhdyaC%2BXCv8%2BbSZ8mhHMbMl1V2jvj9jsciVYgM9kUjRbjVqpjrX60XHnA4VgfmP6NTumzBaB16EJk3rC1Cwqee%2FrLdaQ1tBzlBvGipK%2Fr1UZ1%2FK5yPKRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9ba569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000

104.21.14.97

200 OK

19 kB

URL GET HTTP/3
aipsouft.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Size
19 kB (18899 bytes)
Hash
32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUssQfo2PC88JejlNzCh00cVK8%2FZ1cvtc4sGuFj%2FQtjaskZ%2Fh77lo%2B64oCvevgewGb93S%2Ffv6%2B%2Fkb%2FDvt1%2FLb4XK8%2FMRn5LgD46YAZ9G4l%2F%2BdKQxDZeum8Z7YM%2F%2FsQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd28c5d569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/rotate?zz=7387556&var=6587617&ymid=810536962338599444&ab2r=&var_3=8120249&var_4=&os_version=&uid=poelqyeyq72ilyuuj3ryj2ng6bk0cd

104.21.14.97

200 OK

6.5 kB

URL GET HTTP/3
aipsouft.com/rotate?zz=7387556&var=6587617&ymid=810536962338599444&ab2r=&var_3=8120249&var_4=&os_version=&uid=poelqyeyq72ilyuuj3ryj2ng6bk0cd
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JSON text data
Size
6.5 kB (6460 bytes)
Hash
4117feb9c435c4c7734d6d2fdbb1f37f
8688ebb63007d6a6487e420e6b10d42882c1e622
ebd79f7b89b8705c224b3c17f1303bba48d6828b49ab50b3c3bd47b194ab92ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=7387556&var=6587617&ymid=810536962338599444&ab2r=&var_3=8120249&var_4=&os_version=&uid=poelqyeyq72ilyuuj3ryj2ng6bk0cd HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
DNT: 1
Connection: keep-alive
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 8dec4d4f024f82d4ea20ee080cecc108
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://aipsouft.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; expires=Sun, 04 May 2025 08:17:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZBhCM3H%2FRx8Yboh%2BLelXACoB9k2i%2F0Gb5rcWBEYa83wc0CC%2FR4IHScT3c8RbaaAfQlqeIKLc8rGr%2FehqRXeaPNfQ0wQo34NyTZ5jyAbheRKcExQF8FIziJ%2Fx69eqEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd28c4d569c-OSL
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/86.1605512c42332a2f.js

104.21.14.97

200 OK

2.8 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/86.1605512c42332a2f.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (2908), with no line terminators
Size
2.8 kB (2846 bytes)
Hash
f7cb4f746f2cabc625d1ab452426c2e5
32f7f8a18c1d477a41291637019374bd4d722df9
6e3c489f8505040ae3a765d615dd63b8e385d2baeecd0ba58a2da9bf079b1a9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/86.1605512c42332a2f.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-b1e"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2Bl6uBVqpXc5Fus524aZlyNPP4h6HZgxiwU7JGhya7cGw2N41Vo3WZcAEScg0wFVd5fYn6FdBPfONhypThNo7J%2FkE44Gb0WcYYgP4hRyikHuVNbTKDSKiFk%2BbMUobyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd10ade569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/zone?&pub=0&zone_id=6920711&is_mobile=false&domain=aipsouft.com&var=6587617&ymid=810536962338599444&var_3=8120249&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e080b768-db5f-42be-99f9-6ac74828122f&action=prerequest

104.21.14.97

200 OK

0 B

URL POST HTTP/3
aipsouft.com/zone?&pub=0&zone_id=6920711&is_mobile=false&domain=aipsouft.com&var=6587617&ymid=810536962338599444&var_3=8120249&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e080b768-db5f-42be-99f9-6ac74828122f&action=prerequest
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=6920711&is_mobile=false&domain=aipsouft.com&var=6587617&ymid=810536962338599444&var_3=8120249&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e080b768-db5f-42be-99f9-6ac74828122f&action=prerequest HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-length: 0
x-trace-id: 7df939602c2d10ddf36c7921650c62f8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6YQmHJ7LNLt9W%2Fb7yFS7nCPbMq1STnPSg3w5a2XvjItlv9H6kp5PMi%2BxymWcpxmFaGO2YKATmvVV6uOs87BGeEBIh1ftOJXt1PGLXp%2FrySztlSInKbjc646TVO9DsM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd35d20569c-OSL
alt-svc: h3=":443"; ma=86400

aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249

104.21.14.97

200 OK

7.1 kB

URL User Request GET HTTP/2
aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
HTML document, ASCII text, with very long lines (7582), with no line terminators
Size
7.1 kB (7116 bytes)
Hash
208dea1675390baaa45435d5e8e6b5e8
664aee64be15da5aaf3cdd2b5d2d444b4e794bac
8a1e78ff410714665ce0893dbeb0be5cedeaa865492129e66eedf50c644decad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: text/html
last-modified: Tue, 30 Apr 2024 14:43:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 5641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJqGMf0Rwz95OiV%2B2TUfp6BZkjwgJbYLGh2MAQingyDoSsoTe28eqPQdRQtfurhdSqPmh41RyU7E7sP976UBHUMOBgRi%2BhxijW1Ma2a1X7mC0ZDnRBOBBvgIZwoekT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcd8d0756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aipsouft.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js

104.21.14.97

200 OK

42 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (41515), with no line terminators
Size
42 kB (41515 bytes)
Hash
92ee35a274faa2df0c68f0def06a750e
8131ecf1752dbf3591bf213855896b2618f48734
47929dce053ec819a11270e42aaff07b95e02ee29513b8f5b73cf75f6cdeddd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-7ac21b6c354dd447.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-a22b"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYRHn%2B9cr5Xm7y1I6Gft6DD%2FexJaRYQB35OwruNLNfye4L82j7KI64quTA4XM5XmOLwlDF4Y83lV10rO4junaxZiddYWfucuUGJk5tW%2B6ygs9Yugt8Aoz9t4HZw0uD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b5569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/3091.8141ef861c4fae96.js

104.21.14.97

200 OK

2.4 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/3091.8141ef861c4fae96.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (2431), with no line terminators
Size
2.4 kB (2385 bytes)
Hash
aff0a51ad60c666bf1f7f27ddff14217
9677799390dc5667eeda431957d59b25d6a40946
f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-951"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxmbknHDjOY9Bm0BDajxGhbFK0JvY7ocmpqL%2BFbHv12YRa9eGza1RfnzvFFn28mo6UBxBanlxV7zpePiR0rpmStfF5C%2FNUV9o7%2BOIcQhqoabQlLsW2SnYXSvsfsNl3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js

104.21.14.97

200 OK

925 B

URL GET HTTP/3
aipsouft.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (939), with no line terminators
Size
925 B (925 bytes)
Hash
e370c58940efd9305daf2c9601a7da0d
ac6f3895617e4817d7bf86b7c637a231b13a12b7
acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-39d"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=di1YTZP59DdMb1DoqjByRDldu00PMpEVK82NPCAm7aJxxTCsOfrTG%2BEaPjMAMx72v1OgBMQ3rGf6HehCp39bRBzFOlesK9y7ryuyPJXRW2t5iEt1XUXWmVYQm5tqYvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af3569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/4080.09c67f76e57da5c9.js

104.21.14.97

200 OK

11 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/4080.09c67f76e57da5c9.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (11141), with no line terminators
Size
11 kB (11141 bytes)
Hash
53f745e63b231a1aeec5b1d00d910226
98ef9089909b0677606de6c240c4222ef2a3730d
60ee081afdc42175515ae8683e1a7c389cc7765ba02c5d008d06838eea955e36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4080.09c67f76e57da5c9.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-2b85"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKVAuG%2FgTzvGV%2Bqry2xknKnZDYk%2FssorPepfxBPX9tblgUYs0%2Fysts1B0bcQ8KLQcgEP5%2F%2F0B%2F%2FL%2BUdVyFGzkrKB4097nF3OPyX4iNs6HK9scHkDngVBoVuU27pCxls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9ad569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/7903-dd238946c7924507.js

104.21.14.97

200 OK

32 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/7903-dd238946c7924507.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (31896), with no line terminators
Size
32 kB (31896 bytes)
Hash
b5dd343db67bd22544d11da18268f5c3
069b5b221dd75af58d93192460778b3d07835e74
6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-7c98"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bwaErRZCsJyytyn0J9wIY2IWDq0C4ri60QALCeeGohGAQ0JgQdosoufbDghUlTSWDSOyvo7np9ULQrs6xQ4%2BG1jxNv5jQSmW%2BMLNljAPynyTR%2BWV2iP0ptlxADIY%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js

104.21.14.97

200 OK

661 B

URL GET HTTP/3
aipsouft.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (665), with no line terminators
Size
661 B (661 bytes)
Hash
f8e52c06430c8d613af8c236a1972a4a
8ac071e6c0908ee068e453ae47a6598d733d9a1a
7f75dbe159ba344bd4495842a3c902c147703b5f4835885f3a9e13f879cdcddc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-295"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeZxVdYXe1z1LoeViAnWSYUDRPxI1H0tufeeR1y5a0gql4VEHVtIYqDS01RAb2MSYPH3w3hhN%2BCYIXaW2JtRWw91YDTqXOgqwFqaI89itLedpRqIWe2RLu3m28hTs4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9be569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/framework-8940d626f3bfb7e9.js

104.21.14.97

200 OK

26 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/framework-8940d626f3bfb7e9.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (25995), with no line terminators
Size
26 kB (25995 bytes)
Hash
33a34c525e2bee14a166fe1289835308
4afb650772181930d19dca9a41490beea5087932
bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-658b"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHtwOU1Fl1%2Fc2gl4WDpsFZdXemfnuPrNYiIfqRD3M%2FhB31hpQ1RjAIXp%2B7sRGm3s%2B1763GYeXV9n2sc95tBHLOos6NAuGLO11FOZnm9o7vCy07Ms0kXgTCx6RfjRbX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b0569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/2734.6269ca0cf725ea17.js

104.21.14.97

200 OK

4.1 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/2734.6269ca0cf725ea17.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (4219), with no line terminators
Size
4.1 kB (4147 bytes)
Hash
98132c6c771aec065d3ab61e5c8c0f53
56484dafed6218ea17ef047fc8cd4c5a342c1890
ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-1033"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yYuI9etnI8P%2BTig6MYObjFeB5meCwV46jpcvDnz3nUu2OsfZT5ZRRkClXH%2BD0QqgAAFpwSExutzfGM7%2F%2FJbRJ07bQNUCF6WYZ66rXGG9qxXvwjtTustbMRTRnZqT0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd0fadc569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/css/0bc0cde260d08b97.css

104.21.14.97

200 OK

1.8 kB

URL GET HTTP/3
aipsouft.com/_next/static/css/0bc0cde260d08b97.css
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
ASCII text, with very long lines (1841), with no line terminators
Size
1.8 kB (1841 bytes)
Hash
ff1d3d5d24ca0172d59b02e7505ddaa1
41e83ee08e21f369886b0fdad0ba01d8b20897b6
939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"6631038c-733"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyPZzs2fdckxQ%2BzXRcdzo%2BzjAXFGKCZWg9fqCvRIi19kGa2dnssUvlufDvygIHuEooTYNCT5aup1UnsdAtliTDtYru8WGpIsIvbNfJEnX%2F2hD%2Buo3w%2F%2BEzOoWBe7yYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9aa569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js

104.21.14.97

200 OK

1.6 kB

URL GET HTTP/3
aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
ASCII text, with very long lines (1696), with no line terminators
Size
1.6 kB (1604 bytes)
Hash
543651efa338e66f345fe8c6095592e0
6108342c3f5cdd637443746d0c07a5b7a528aa36
8d80f5e899864f3590935e867f8814fe3bb8eb6b87ab6d84c3e1d609d971583c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-644"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NejsEByOTQxF7c6oYTJ0AO3AXikoRK%2BJWoiRxB7bYI0LZLIRO1LO49%2F7dF%2FGusoXwzLG5nntP6jUYG1VpP2xnVhY%2FdOnt8%2BOwphgA1ALFKdBfLuWR0ITju36bCIizo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9c1569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/5057.48c7d5a8740ee05f.js

104.21.14.97

200 OK

3.3 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/5057.48c7d5a8740ee05f.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (3375), with no line terminators
Size
3.3 kB (3341 bytes)
Hash
8f79b9155b8b6921206c5c92026b7365
50ef9171a052e5428806431761fca7e75044c0dd
497fc3beb3a1f2e5af56019b4051a15204b9a1320622f4e4bc23342dbbfb71b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5057.48c7d5a8740ee05f.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-d0d"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rB82s%2BAPRNJZhgoY%2BIggtzd81HXnU19pnquqWmuR7tUVHOOKDQMQRHFmtC2w5RvHSiMffndkfD2EGeRTac37fkslFSCTXIo%2FOy6fnNunt5UZybQ82d3f8NYkcNqGk7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af4569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/sw/universal.js?var=6587617&var_3=8120249&ymid=810536962338599444&ab2_ttl=5184000&zoneId=6920711

104.21.14.97

200 OK

1.5 kB

URL GET HTTP/3
aipsouft.com/sw/universal.js?var=6587617&var_3=8120249&ymid=810536962338599444&ab2_ttl=5184000&zoneId=6920711
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
ASCII text, with very long lines (1540), with no line terminators
Size
1.5 kB (1458 bytes)
Hash
5edd43e1c6126829925eb36cdbaf7af3
e1baae48011f9077aa37e6ab31d4604d41aec303
38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw/universal.js?var=6587617&var_3=8120249&ymid=810536962338599444&ab2_ttl=5184000&zoneId=6920711 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: W/"6631038c-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRQu4yd1QzxC9yr0mGEaiCEKpPYAoITBi%2F0dvV9unQc64DPsl%2FyNCzNdCnuUbeDRSVemnwwOedBbDePfxdR7KAMz8QipoVyOOLqPg%2B1PWJomsSpm0xPrEsYtHfGsETs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd34d19569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/webpack-c63afe4326372fa8.js

104.21.14.97

200 OK

6.3 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/webpack-c63afe4326372fa8.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (6507), with no line terminators
Size
6.3 kB (6261 bytes)
Hash
b4f4daa4446e65050b8af39fb465e9cc
c922010fabb2e409bf1ac29f10563652f06f55aa
318ebdbd0768c4e17a59236e31a5a86a05769131d5e5637d55f78eb3f153d720

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-c63afe4326372fa8.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-1875"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 32
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlTGU0cTjkZ0LS7GYMnqHD4jHWYs2k2gHGPCrJWEWcSsTBsSnyf7Qddc6scl2s%2BoO9WEljLpa56hETa7PpmHjd5Jql64dEZQ7HArcDP6bcEDVTgAYcbNAb7k81v%2BPN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9af569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js

104.21.14.97

200 OK

182 B

URL GET HTTP/3
aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
ASCII text, with no line terminators
Size
182 B (182 bytes)
Hash
ca6aa05f78eb6859347a61db067f16dc
444e70f53eb809f0920de921925d854baccdd251
11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-b6"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxA5bkfI19RXw2el3HSyKt%2BRdB7lg7tYXzTTA7YgsEKoWBaP6RlpKdTwYVPZvaZ0ueAvp8fwjqU4a006qpdkA3pHLmqO00iQWQVVayHc17rN%2FgKR%2BETuJf9alSbX7r0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfd9c4569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js

104.21.14.97

200 OK

67 kB

URL GET HTTP/3
aipsouft.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67401 bytes)
Hash
8288efc1729193ab69e39ae227fb924b
b6cda864edfa8126c902b5de80229790a6f9be15
070ce71e2510a99695b81a839821823ddf3b49213f166212641fcf98adfef3f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/802-3e1f59b7c0fe3ef9.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-10749"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8q466yIN6ZWG27gX60WkKAFWeweV%2FomXvwhvNkvqvrSOmqlFQe80gu0J18kfHPsFb%2B9XmxV3eSC53nwqK%2FnWR%2BTk3JZoqzob3ZRwU2wdNuY%2FMkLA1cwVhjmXllmAYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9bb569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

aipsouft.com/favicon.ico

104.21.14.97

204 No Content

0 B

URL GET HTTP/3
aipsouft.com/favicon.ico
IP
104.21.14.97:443
ASN
#13335 CLOUDFLARENET

Requested by
https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate
IssuerLet's Encrypt
Subjectaipsouft.com
Fingerprint44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
ValidityMon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Sat, 04 May 2024 08:17:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp5X%2FmW3G%2FgEG20W1DKY5cKrX45VhUuvcJITrZA4Xu%2Bxcd3DoPttBYxDOqJJnW9BriS%2BOJnKb51nPD8xr2Mp2ghBsiPeIaj7IDW87pH0KukBDeyhMRFX5el18scZhHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e70dd4eee6569c-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML