| my.rtmark.net/gid.js?userId=poelqyeyq72ilyuuj3ryj2ng6bk0cd | 139.45.195.8 | 200 OK | 63 B |
URL GET HTTP/2 my.rtmark.net/gid.js?userId=poelqyeyq72ilyuuj3ryj2ng6bk0cd IP 139.45.195.8:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject rtmark.net Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash a2a453434b6872d73fad284dee55d092 b222b56707388047ff4261bcfe67d7789d1c1351 14809ff6711d4612e230cb15387299637a03debee037363190e74c04293f3980
GET /gid.js?userId=poelqyeyq72ilyuuj3ryj2ng6bk0cd HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/json; charset=utf-8
content-length: 63
access-control-allow-origin: https://aipsouft.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; expires=Sun, 04 May 2025 08:17:22 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2 arleavannya.com/sync-metrics IP 139.45.197.248:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject arleavannya.com Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://aipsouft.com/
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-length: 0
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2 arleavannya.com/sync-metrics IP 139.45.197.248:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject arleavannya.com Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/
Content-Type: application/json
Content-Length: 313
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 4d74d1226f1629ffec47b0107d9861bc
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| aipsouft.com/track?dry=false&request_var=810536962338599444&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&var=6587617&var_3=8120249&var_4=&variable2=&ymid=810536962338599444&z=6587617&offer_id=2 | 104.21.14.97 | 204 No Content | 0 B |
URL GET HTTP/3 aipsouft.com/track?dry=false&request_var=810536962338599444&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&var=6587617&var_3=8120249&var_4=&variable2=&ymid=810536962338599444&z=6587617&offer_id=2 IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=810536962338599444&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&var=6587617&var_3=8120249&var_4=&variable2=&ymid=810536962338599444&z=6587617&offer_id=2 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
DNT: 1
Connection: keep-alive
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 04 May 2024 08:17:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://aipsouft.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0S5f97weakhrjW6Ik3RL7qtk31sFVTspoYavxqF7u0KDZSo01DgVwTCqnObX4yZl%2FKOVEdIXauAW8qge6Ym3NQtrPffaT69L0oO9G5Y2ePNjSvOpXNSF7hIiWWBTwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd28c4c569c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/main-beb6af9e60a8e042.js | 104.21.14.97 | 200 OK | 34 kB |
URL GET HTTP/3 aipsouft.com/_next/static/chunks/main-beb6af9e60a8e042.js IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash 49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"6631038c-1a957"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFj77kHpSy%2BW6ZpDQYdIPhBC%2Fb1bKG6mJxJkujnb%2BHqbKU3w%2FZvVhL4asTvEWNAuogBVdfXVfJUgY8BZli0UV2wiMnRe7o1Hv8um%2Fsp3gfpipWt2yNum6kSTxJ98MM0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b4569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP 139.45.197.250:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject amunfezanttor.com Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://aipsouft.com/
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 08:17:22 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| aipsouft.com/custom | 104.21.14.97 | 200 OK | 136 B |
IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
Hash 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 385
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: a233b178cd4860af0237c24812000047
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uA8EkGNe3vFv65Lo6PnuopdP4Z4KbZaJ0UH1rOMjUSvLlkv9s7RbcQxE8WAtTJ6Gub9PYHzkDyfyjQWA0FE%2BX6u3e8XkO9xjQm0f8pPwbqwFCzJTQmEfJ5I0gqldIfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd35d27569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/810.3c8446ab4166aeac.js | 104.21.14.97 | 200 OK | 1.5 kB |
URL GET HTTP/3 aipsouft.com/_next/static/chunks/810.3c8446ab4166aeac.js IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type JavaScript source, ASCII text, with very long lines (2997), with no line terminators Hash 61131b8a333b875509fbe8f240ff4d62 93b25ff9783f3321a0408cdf69f686f6c439dec0 b01211f54977d65f26a1cf9dd30c9c4e251ad34fc09cfb176259b40af4f0f83d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.3c8446ab4166aeac.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-bb5"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OnG4gd3RM9NPHtX05iLrZVirPC86VMl4xlr1DJxO3Fs%2FN1sMPEFBn73ZnxNy5bIoLI4PMHtDUFfYzjv9eXC9D2nK1mgv2kOonJGAg4gG0hr3Y2801in%2Fg9fACiugn2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af1569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/2090-519478c186a3d867.js | 104.21.14.97 | 200 OK | 4.4 kB |
URL GET HTTP/3 aipsouft.com/_next/static/chunks/2090-519478c186a3d867.js IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type JavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash 37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-2a00"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJ%2FtOWTxNVjhdyaC%2BXCv8%2BbSZ8mhHMbMl1V2jvj9jsciVYgM9kUjRbjVqpjrX60XHnA4VgfmP6NTumzBaB16EJk3rC1Cwqee%2FrLdaQ1tBzlBvGipK%2Fr1UZ1%2FK5yPKRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9ba569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000 | 104.21.14.97 | 200 OK | 19 kB |
URL GET HTTP/3 aipsouft.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000 IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type JavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6587617&ymid=810536962338599444&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=8120249&oaid=poelqyeyq72ilyuuj3ryj2ng6bk0cd&os_version=&btz=UTC&bto=0&z=6920711&cdn=1&domain=aipsouft.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUssQfo2PC88JejlNzCh00cVK8%2FZ1cvtc4sGuFj%2FQtjaskZ%2Fh77lo%2B64oCvevgewGb93S%2Ffv6%2B%2Fkb%2FDvt1%2FLb4XK8%2FMRn5LgD46YAZ9G4l%2F%2BdKQxDZeum8Z7YM%2F%2FsQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd28c5d569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/rotate?zz=7387556&var=6587617&ymid=810536962338599444&ab2r=&var_3=8120249&var_4=&os_version=&uid=poelqyeyq72ilyuuj3ryj2ng6bk0cd | 104.21.14.97 | 200 OK | 6.5 kB |
URL GET HTTP/3 aipsouft.com/rotate?zz=7387556&var=6587617&ymid=810536962338599444&ab2r=&var_3=8120249&var_4=&os_version=&uid=poelqyeyq72ilyuuj3ryj2ng6bk0cd IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
Hash 4117feb9c435c4c7734d6d2fdbb1f37f 8688ebb63007d6a6487e420e6b10d42882c1e622 ebd79f7b89b8705c224b3c17f1303bba48d6828b49ab50b3c3bd47b194ab92ee
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=7387556&var=6587617&ymid=810536962338599444&ab2r=&var_3=8120249&var_4=&os_version=&uid=poelqyeyq72ilyuuj3ryj2ng6bk0cd HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
DNT: 1
Connection: keep-alive
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 8dec4d4f024f82d4ea20ee080cecc108
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://aipsouft.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; expires=Sun, 04 May 2025 08:17:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZBhCM3H%2FRx8Yboh%2BLelXACoB9k2i%2F0Gb5rcWBEYa83wc0CC%2FR4IHScT3c8RbaaAfQlqeIKLc8rGr%2FehqRXeaPNfQ0wQo34NyTZ5jyAbheRKcExQF8FIziJ%2Fx69eqEw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd28c4d569c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/86.1605512c42332a2f.js | 104.21.14.97 | 200 OK | 2.8 kB |
URL GET HTTP/3 aipsouft.com/_next/static/chunks/86.1605512c42332a2f.js IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type JavaScript source, ASCII text, with very long lines (2908), with no line terminators Hash f7cb4f746f2cabc625d1ab452426c2e5 32f7f8a18c1d477a41291637019374bd4d722df9 6e3c489f8505040ae3a765d615dd63b8e385d2baeecd0ba58a2da9bf079b1a9a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/86.1605512c42332a2f.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-b1e"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2Bl6uBVqpXc5Fus524aZlyNPP4h6HZgxiwU7JGhya7cGw2N41Vo3WZcAEScg0wFVd5fYn6FdBPfONhypThNo7J%2FkE44Gb0WcYYgP4hRyikHuVNbTKDSKiFk%2BbMUobyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd10ade569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/zone?&pub=0&zone_id=6920711&is_mobile=false&domain=aipsouft.com&var=6587617&ymid=810536962338599444&var_3=8120249&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e080b768-db5f-42be-99f9-6ac74828122f&action=prerequest | 104.21.14.97 | 200 OK | 0 B |
URL POST HTTP/3 aipsouft.com/zone?&pub=0&zone_id=6920711&is_mobile=false&domain=aipsouft.com&var=6587617&ymid=810536962338599444&var_3=8120249&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e080b768-db5f-42be-99f9-6ac74828122f&action=prerequest IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6920711&is_mobile=false&domain=aipsouft.com&var=6587617&ymid=810536962338599444&var_3=8120249&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=e080b768-db5f-42be-99f9-6ac74828122f&action=prerequest HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aipsouft.com
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-length: 0
x-trace-id: 7df939602c2d10ddf36c7921650c62f8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://aipsouft.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6YQmHJ7LNLt9W%2Fb7yFS7nCPbMq1STnPSg3w5a2XvjItlv9H6kp5PMi%2BxymWcpxmFaGO2YKATmvVV6uOs87BGeEBIh1ftOJXt1PGLXp%2FrySztlSInKbjc646TVO9DsM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd35d20569c-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 | 104.21.14.97 | 200 OK | 7.1 kB |
URL User Request GET HTTP/2 aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 IP 104.21.14.97:443
Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type HTML document, ASCII text, with very long lines (7582), with no line terminators Hash 208dea1675390baaa45435d5e8e6b5e8 664aee64be15da5aaf3cdd2b5d2d444b4e794bac 8a1e78ff410714665ce0893dbeb0be5cedeaa865492129e66eedf50c644decad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: text/html
last-modified: Tue, 30 Apr 2024 14:43:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 5641
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJqGMf0Rwz95OiV%2B2TUfp6BZkjwgJbYLGh2MAQingyDoSsoTe28eqPQdRQtfurhdSqPmh41RyU7E7sP976UBHUMOBgRi%2BhxijW1Ma2a1X7mC0ZDnRBOBBvgIZwoekT8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcd8d0756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aipsouft.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js | 104.21.14.97 | 200 OK | 42 kB |
URL GET HTTP/3 aipsouft.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js IP 104.21.14.97:443
Requested by https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249 Certificate Issuer Let's Encrypt Subject aipsouft.com Fingerprint 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F Validity Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type JavaScript source, ASCII text, with very long lines (41515), with no line terminators Hash 92ee35a274faa2df0c68f0def06a750e 8131ecf1752dbf3591bf213855896b2618f48734 47929dce053ec819a11270e42aaff07b95e02ee29513b8f5b73cf75f6cdeddd5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-7ac21b6c354dd447.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-a22b"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYRHn%2B9cr5Xm7y1I6Gft6DD%2FexJaRYQB35OwruNLNfye4L82j7KI64quTA4XM5XmOLwlDF4Y83lV10rO4junaxZiddYWfucuUGJk5tW%2B6ygs9Yugt8Aoz9t4HZw0uD4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b5569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/3091.8141ef861c4fae96.js | 104.21.14.97 | 200 OK | 2.4 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/3091.8141ef861c4fae96.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (2431), with no line terminators
Hash: aff0a51ad60c666bf1f7f27ddff14217 9677799390dc5667eeda431957d59b25d6a40946 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-951"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxmbknHDjOY9Bm0BDajxGhbFK0JvY7ocmpqL%2BFbHv12YRa9eGza1RfnzvFFn28mo6UBxBanlxV7zpePiR0rpmStfF5C%2FNUV9o7%2BOIcQhqoabQlLsW2SnYXSvsfsNl3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 104.21.14.97 | 200 OK | 925 B |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (939), with no line terminators
Hash: e370c58940efd9305daf2c9601a7da0d ac6f3895617e4817d7bf86b7c637a231b13a12b7 acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-39d"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=di1YTZP59DdMb1DoqjByRDldu00PMpEVK82NPCAm7aJxxTCsOfrTG%2BEaPjMAMx72v1OgBMQ3rGf6HehCp39bRBzFOlesK9y7ryuyPJXRW2t5iEt1XUXWmVYQm5tqYvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af3569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/4080.09c67f76e57da5c9.js | 104.21.14.97 | 200 OK | 11 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/4080.09c67f76e57da5c9.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (11141), with no line terminators
Hash: 53f745e63b231a1aeec5b1d00d910226 98ef9089909b0677606de6c240c4222ef2a3730d 60ee081afdc42175515ae8683e1a7c389cc7765ba02c5d008d06838eea955e36
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4080.09c67f76e57da5c9.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-2b85"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yKVAuG%2FgTzvGV%2Bqry2xknKnZDYk%2FssorPepfxBPX9tblgUYs0%2Fysts1B0bcQ8KLQcgEP5%2F%2F0B%2F%2FL%2BUdVyFGzkrKB4097nF3OPyX4iNs6HK9scHkDngVBoVuU27pCxls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9ad569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/7903-dd238946c7924507.js | 104.21.14.97 | 200 OK | 32 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/7903-dd238946c7924507.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (31896), with no line terminators
Hash: b5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-7c98"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bwaErRZCsJyytyn0J9wIY2IWDq0C4ri60QALCeeGohGAQ0JgQdosoufbDghUlTSWDSOyvo7np9ULQrs6xQ4%2BG1jxNv5jQSmW%2BMLNljAPynyTR%2BWV2iP0ptlxADIY%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js | 104.21.14.97 | 200 OK | 661 B |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (665), with no line terminators
Hash: f8e52c06430c8d613af8c236a1972a4a 8ac071e6c0908ee068e453ae47a6598d733d9a1a 7f75dbe159ba344bd4495842a3c902c147703b5f4835885f3a9e13f879cdcddc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-295"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeZxVdYXe1z1LoeViAnWSYUDRPxI1H0tufeeR1y5a0gql4VEHVtIYqDS01RAb2MSYPH3w3hhN%2BCYIXaW2JtRWw91YDTqXOgqwFqaI89itLedpRqIWe2RLu3m28hTs4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9be569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 104.21.14.97 | 200 OK | 26 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/framework-8940d626f3bfb7e9.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (25995), with no line terminators
Hash: 33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-658b"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cHtwOU1Fl1%2Fc2gl4WDpsFZdXemfnuPrNYiIfqRD3M%2FhB31hpQ1RjAIXp%2B7sRGm3s%2B1763GYeXV9n2sc95tBHLOos6NAuGLO11FOZnm9o7vCy07Ms0kXgTCx6RfjRbX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9b0569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 104.21.14.97 | 200 OK | 4.1 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/2734.6269ca0cf725ea17.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (4219), with no line terminators
Hash: 98132c6c771aec065d3ab61e5c8c0f53 56484dafed6218ea17ef047fc8cd4c5a342c1890 ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-1033"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yYuI9etnI8P%2BTig6MYObjFeB5meCwV46jpcvDnz3nUu2OsfZT5ZRRkClXH%2BD0QqgAAFpwSExutzfGM7%2F%2FJbRJ07bQNUCF6WYZ66rXGG9qxXvwjtTustbMRTRnZqT0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd0fadc569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/css/0bc0cde260d08b97.css | 104.21.14.97 | 200 OK | 1.8 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/css/0bc0cde260d08b97.css
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: ASCII text, with very long lines (1841), with no line terminators
Hash: ff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"6631038c-733"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyPZzs2fdckxQ%2BzXRcdzo%2BzjAXFGKCZWg9fqCvRIi19kGa2dnssUvlufDvygIHuEooTYNCT5aup1UnsdAtliTDtYru8WGpIsIvbNfJEnX%2F2hD%2Buo3w%2F%2BEzOoWBe7yYI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9aa569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js | 104.21.14.97 | 200 OK | 1.6 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: ASCII text, with very long lines (1696), with no line terminators
Hash: 543651efa338e66f345fe8c6095592e0 6108342c3f5cdd637443746d0c07a5b7a528aa36 8d80f5e899864f3590935e867f8814fe3bb8eb6b87ab6d84c3e1d609d971583c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-644"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5NejsEByOTQxF7c6oYTJ0AO3AXikoRK%2BJWoiRxB7bYI0LZLIRO1LO49%2F7dF%2FGusoXwzLG5nntP6jUYG1VpP2xnVhY%2FdOnt8%2BOwphgA1ALFKdBfLuWR0ITju36bCIizo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9c1569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/5057.48c7d5a8740ee05f.js | 104.21.14.97 | 200 OK | 3.3 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/5057.48c7d5a8740ee05f.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (3375), with no line terminators
Hash: 8f79b9155b8b6921206c5c92026b7365 50ef9171a052e5428806431761fca7e75044c0dd 497fc3beb3a1f2e5af56019b4051a15204b9a1320622f4e4bc23342dbbfb71b3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5057.48c7d5a8740ee05f.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-d0d"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rB82s%2BAPRNJZhgoY%2BIggtzd81HXnU19pnquqWmuR7tUVHOOKDQMQRHFmtC2w5RvHSiMffndkfD2EGeRTac37fkslFSCTXIo%2FOy6fnNunt5UZybQ82d3f8NYkcNqGk7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd11af4569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/sw/universal.js?var=6587617&var_3=8120249&ymid=810536962338599444&ab2_ttl=5184000&zoneId=6920711 | 104.21.14.97 | 200 OK | 1.5 kB |
URL: GET HTTP/3 aipsouft.com/sw/universal.js?var=6587617&var_3=8120249&ymid=810536962338599444&ab2_ttl=5184000&zoneId=6920711
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: ASCII text, with very long lines (1540), with no line terminators
Hash: 5edd43e1c6126829925eb36cdbaf7af3 e1baae48011f9077aa37e6ab31d4604d41aec303 38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=6587617&var_3=8120249&ymid=810536962338599444&ab2_ttl=5184000&zoneId=6920711 HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:22 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: W/"6631038c-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRQu4yd1QzxC9yr0mGEaiCEKpPYAoITBi%2F0dvV9unQc64DPsl%2FyNCzNdCnuUbeDRSVemnwwOedBbDePfxdR7KAMz8QipoVyOOLqPg%2B1PWJomsSpm0xPrEsYtHfGsETs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dd34d19569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/webpack-c63afe4326372fa8.js | 104.21.14.97 | 200 OK | 6.3 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/webpack-c63afe4326372fa8.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (6507), with no line terminators
Hash: b4f4daa4446e65050b8af39fb465e9cc c922010fabb2e409bf1ac29f10563652f06f55aa 318ebdbd0768c4e17a59236e31a5a86a05769131d5e5637d55f78eb3f153d720
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-c63afe4326372fa8.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-1875"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 32
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlTGU0cTjkZ0LS7GYMnqHD4jHWYs2k2gHGPCrJWEWcSsTBsSnyf7Qddc6scl2s%2BoO9WEljLpa56hETa7PpmHjd5Jql64dEZQ7HArcDP6bcEDVTgAYcbNAb7k81v%2BPN8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9af569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js | 104.21.14.97 | 200 OK | 182 B |
URL: GET HTTP/3 aipsouft.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: ASCII text, with no line terminators
Hash: ca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-b6"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxA5bkfI19RXw2el3HSyKt%2BRdB7lg7tYXzTTA7YgsEKoWBaP6RlpKdTwYVPZvaZ0ueAvp8fwjqU4a006qpdkA3pHLmqO00iQWQVVayHc17rN%2FgKR%2BETuJf9alSbX7r0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfd9c4569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js | 104.21.14.97 | 200 OK | 67 kB |
URL: GET HTTP/3 aipsouft.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 8288efc1729193ab69e39ae227fb924b b6cda864edfa8126c902b5de80229790a6f9be15 070ce71e2510a99695b81a839821823ddf3b49213f166212641fcf98adfef3f4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/802-3e1f59b7c0fe3ef9.js HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 08:17:21 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-10749"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8q466yIN6ZWG27gX60WkKAFWeweV%2FomXvwhvNkvqvrSOmqlFQe80gu0J18kfHPsFb%2B9XmxV3eSC53nwqK%2FnWR%2BTk3JZoqzob3ZRwU2wdNuY%2FMkLA1cwVhjmXllmAYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e70dcfc9bb569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aipsouft.com/favicon.ico | 104.21.14.97 | 204 No Content | 0 B |
IP: 104.21.14.97:443
Requested by: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Certificate Issuer: Let's Encrypt
Certificate Subject: aipsouft.com
Certificate Fingerprint: 44:E3:5C:7E:AE:A0:81:0D:AD:88:B4:96:AA:93:3E:1D:FF:3D:79:1F
Certificate Validity: Mon, 15 Apr 2024 03:30:06 GMT - Sun, 14 Jul 2024 03:30:05 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: aipsouft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aipsouft.com/please-confirm/15/2/en.html?z=6587617&var=810536962338599444&var_3=8120249
Cookie: OAID=poelqyeyq72ilyuuj3ryj2ng6bk0cd; syncedCookie=true; oaidts=1714810642
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Sat, 04 May 2024 08:17:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp5X%2FmW3G%2FgEG20W1DKY5cKrX45VhUuvcJITrZA4Xu%2Bxcd3DoPttBYxDOqJJnW9BriS%2BOJnKb51nPD8xr2Mp2ghBsiPeIaj7IDW87pH0KukBDeyhMRFX5el18scZhHg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e70dd4eee6569c-OSL
alt-svc: h3=":443"; ma=86400
|
|