Report - crazysport77.com/bin/?listings==m6qlk2LFzPWBMlAPk6ybUMv31PFm1HRU1bIbeSIaSCaXEuCOOa

Report Overview

Submitted URL
crazysport77.com/bin/?listings==m6qlk2LFzPWBMlAPk6ybUMv31PFm1HRU1bIbeSIaSCaXEuCOOa
IP
37.187.212.159
ASN
#16276 OVH SAS
Submitted
2024-05-04 03:50:22
Access
public
Website Title
404 Not Found
Final URL
mmtoy.store/bin/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
crazysport77.com	unknown	unknown	No data	No data	536 B	308 B	37.187.212.159
mmtoy.store	unknown	2022-11-17	2022-11-17	2024-04-13	807 B	3.3 kB	172.67.219.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	mmtoy.store/bin/	Generic/Spear Phishing

PhishTank

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	mmtoy.store/bin/	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	mmtoy.store	Sinkholed
2024-05-04	medium	mmtoy.store	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

URL IP Response Size

crazysport77.com/bin/?listings==m6qlk2LFzPWBMlAPk6ybUMv31PFm1HRU1bIbeSIaSCaXEuCOOa

37.187.212.159

302 Moved Temporarily

1 B

URL User Request GET HTTP/1.1
crazysport77.com/bin/?listings==m6qlk2LFzPWBMlAPk6ybUMv31PFm1HRU1bIbeSIaSCaXEuCOOa
IP
37.187.212.159:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subject*.crazysport77.com
Fingerprint82:E8:40:1D:C1:09:9D:D2:3C:BE:C0:FB:A5:20:2C:9C:75:B9:0C:13
ValidityMon, 18 Mar 2024 14:05:16 GMT - Sun, 16 Jun 2024 14:05:15 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

HTTP Headers

GET /bin/?listings==m6qlk2LFzPWBMlAPk6ybUMv31PFm1HRU1bIbeSIaSCaXEuCOOa HTTP/1.1
Host: crazysport77.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Date: Sat, 04 May 2024 03:49:57 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Location: https://mmtoy.store/bin/
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

mmtoy.store/bin/

172.67.219.44

301 Moved Permanently

707 B

URL User Request GET HTTP/1.1
mmtoy.store/bin/
IP
172.67.219.44:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bin/ HTTP/1.1
Host: mmtoy.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 May 2024 03:49:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://mmtoy.store/bin/
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FGx1OUgZB4uvg0bEHHqspxuZ2t9TDOKVKTICB5EnQilL%2B4PdkohKp8u%2BkqRXzK0Y8KQcESqRkQ6g7ujoyeCdoQAMMoY8wHX31XCbMgppqDC7TzaDM062gpaRcSdfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87e5861f7de0b51d-OSL
alt-svc: h2=":443"; ma=60

mmtoy.store/favicon.ico

104.21.53.221

404 Not Found

1.2 kB

URL GET HTTP/3
mmtoy.store/favicon.ico
IP
104.21.53.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mmtoy.store/bin/
Certificate
IssuerGoogle Trust Services LLC
Subjectmmtoy.store
Fingerprint90:DF:05:B5:44:D9:D0:79:41:1E:2B:C1:8F:F6:67:E4:0D:93:73:F7
ValiditySat, 13 Apr 2024 17:16:10 GMT - Fri, 12 Jul 2024 17:16:09 GMT

File type
HTML document, ASCII text, with very long lines (1276), with no line terminators
Size
1.2 kB (1238 bytes)
Hash
24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mmtoy.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mmtoy.store/bin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 04 May 2024 03:49:59 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v1BLaOZDYKK1QGmN%2Fy%2BV6IUiU4h0e445o1q86fdxXG5iIn4xfX4pZzGS%2FpiQWD7LXUq%2BY%2BFKe%2BpJu7I2aB2RMnYldrnIcBCaJaqAMSnlsnvWwHBAScfZhTkrJVXsYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e586261879b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (3)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers