| teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | 167.71.12.129 | 200 OK | 1.2 kB |
URL (User Request): GET HTTP/2 teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators | Hash: 73ebf575a5c72a7da3d6c34117c11f0d bd052be44eb973c9ba851b1d24524a289277c0fb eabf9aad92bbc47ad7f4dbc863990e4526a17c9581b0f4859c1256070878e6cd
GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 1188
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| teleastra.online/et/mbirr/treasure/style.css | 167.71.12.129 | 200 OK | 789 B |
URL: GET HTTP/3 teleastra.online/et/mbirr/treasure/style.css | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: assembler source, ASCII text, with CRLF line terminators | Hash: c4a25a0c178a6a80ec5e2a2ffc3a14b5 ef5cee2bc77a08526ef1d414792d374b691ce0c7 5a7f64651d5d030cc88fa76944ef4e8d6f4aecf6e2fae4b4194c253c7dea7e43
GET /et/mbirr/treasure/style.css HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "b42-66140d32-2b6322;br"
last-modified: Mon, 08 Apr 2024 15:28:50 GMT
content-type: text/css
content-length: 789
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| teleastra.online/et/mbirr/treasure/jq.min.js | 167.71.12.129 | 200 OK | 30 kB |
URL: GET HTTP/3 teleastra.online/et/mbirr/treasure/jq.min.js | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) | Hash: cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
GET /et/mbirr/treasure/jq.min.js HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
etag: "15f5b-63cc4204-2b6320;br"
last-modified: Sat, 21 Jan 2023 19:50:28 GMT
content-type: text/javascript
content-length: 30254
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| teleastra.online/et/mbirr/treasure/logo.png | 167.71.12.129 | 200 OK | 5.1 kB |
URL: GET HTTP/3 teleastra.online/et/mbirr/treasure/logo.png | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: PNG image data, 400 x 100, 8-bit colormap, non-interlaced | Hash: cedbdbc169f841fd72e58a028d8f9413 a3c4d559e12ef34eaa250c008c8a00b8fed50a27 58fa753a31fb10739ba08d21514853eb568c90661fa78e93682eb9bba4f2715b
GET /et/mbirr/treasure/logo.png HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "1405-66140c10-2b6321;;;"
last-modified: Mon, 08 Apr 2024 15:24:00 GMT
content-type: image/png
content-length: 5125
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| teleastra.online/et/mbirr/treasure/chest.webp | 167.71.12.129 | 200 OK | 17 kB |
URL: GET HTTP/3 teleastra.online/et/mbirr/treasure/chest.webp | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: bbf319937c815a6556d3ee7be880a6af 9cea0377a0c616b56f4a271258b6a1f771f408a1 39fc5099ed32373f652acc97c6870eb3203cb3a3fc493f8c61f2d22ac8aee41e
GET /et/mbirr/treasure/chest.webp HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "41d8-64b065e2-2b631c;;;"
last-modified: Thu, 13 Jul 2023 21:00:18 GMT
content-type: image/webp
content-length: 16856
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| teleastra.online/et/mbirr/treasure/chest2.webp | 167.71.12.129 | 200 OK | 11 kB |
URL: GET HTTP/3 teleastra.online/et/mbirr/treasure/chest2.webp | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 9cbe5a96c896f42ffe23952f67f4f714 f7e1b06c5640cab60c4da967a7a05d9fa2e55f9d 5fca88e911683cd72b4cb6518f145f296471a16b822c9fbe30d91de1b051b4cd
GET /et/mbirr/treasure/chest2.webp HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "2c44-64b06782-2b631d;;;"
last-modified: Thu, 13 Jul 2023 21:07:14 GMT
content-type: image/webp
content-length: 11332
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| teleastra.online/et/mbirr/treasure/favicon.png | 167.71.12.129 | 200 OK | 1.7 kB |
URL: GET HTTP/3 teleastra.online/et/mbirr/treasure/favicon.png | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | Hash: 8675c46b5471dc701777526762c9ff69 3fac264f96bfec52f1a17a2d0b82cca7f8c189ee c881528a8ce48293f451e857509061cc510ff3dfb75cac8b3b48fb5908e4933b
GET /et/mbirr/treasure/favicon.png HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "6ce-64a45a68-2b631e;;;"
last-modified: Tue, 04 Jul 2023 17:44:08 GMT
content-type: image/png
content-length: 1742
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| push-sdk.com/f/sdk.js?z=1151252 | 157.90.33.72 | 200 OK | 15 kB |
URL: GET HTTP/2 push-sdk.com/f/sdk.js?z=1151252 | IP: 157.90.33.72:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: push-sdk.com | Fingerprint: DB:4D:3B:77:64:B4:DD:5C:20:07:53:34:81:42:A0:E7:99:CE:E7:EC | Validity: Sun, 14 Apr 2024 03:34:47 GMT - Sat, 13 Jul 2024 03:34:46 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators | Hash: f25dc1587ebc5a30e3ba48b7b40f7b42 f5729d7b87661e4a0eb540163437b888739a3887 00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5
GET /f/sdk.js?z=1151252 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Angie
date: Sat, 04 May 2024 07:20:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2
|
|
| push-sdk.com/event?z=1151252 | 157.90.33.72 | 200 OK | 0 B |
URL: POST HTTP/2 push-sdk.com/event?z=1151252 | IP: 157.90.33.72:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate | Issuer: Let's Encrypt | Subject: push-sdk.com | Fingerprint: DB:4D:3B:77:64:B4:DD:5C:20:07:53:34:81:42:A0:E7:99:CE:E7:EC | Validity: Sun, 14 Apr 2024 03:34:47 GMT - Sat, 13 Jul 2024 03:34:46 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=1151252 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 79
Origin: https://teleastra.online
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Angie
date: Sat, 04 May 2024 07:20:48 GMT
content-length: 0
access-control-allow-origin: https://teleastra.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
|
|
| teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | 167.71.12.129 | 200 OK | 0 B |
URL (User Request): GET HTTP/2 teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://ak.aubaigeep.com/4/6974664?var=tb1
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 04 May 2024 07:21:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
|
|
| ak.aubaigeep.com/4/6974664?var=tb1 | 23.36.76.241 | | 13 kB |
URL: ak.aubaigeep.com/4/6974664?var=tb1 | IP: 23.36.76.241:0 | ASN: #20940 Akamai International B.V.
File type: HTML document, ASCII text, with very long lines (18247) | Hash: ee5f4e6a18ec38d21a578dc380628259 413dfd587b564b536a68293ebf9f09aad7e0c4b3 68163bade724562dee933d7b9558e862093cb5da7481604cc117488542269bd3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /4/6974664?var=tb1 HTTP/1.1
Host: ak.aubaigeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: c453c5460211fe922671d382a0669845
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Sat, 04 May 2024 07:21:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 04 May 2024 07:21:09 GMT
content-length: 13341
vary: Accept-Encoding
set-cookie: OAID=008052b576ec4964f4aeaec33a56d135; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1714807269; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
|
|
| teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | 167.71.12.129 | 200 OK | 0 B |
URL (User Request): GET HTTP/2 teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | IP: 167.71.12.129:443 | ASN: #14061 DIGITALOCEAN-ASN
Certificate | Issuer: Let's Encrypt | Subject: teleastra.online | Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 | Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: teleastra.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
location: https://ak.aubaigeep.com/4/6974664?var=tb1
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 04 May 2024 07:21:09 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| ak.aubaigeep.com/4/6974664?var=tb1 | 23.36.76.241 | | 13 kB |
URL ak.aubaigeep.com/4/6974664?var=tb1 IP: 23.36.76.241:0 ASN: #20940 Akamai International B.V.
File type: HTML document, ASCII text, with very long lines (18247) Hash: 32865e2348cf5e790096d8aae7830912 98f95ac5d6d9766f19bfa93cd5ba6ef5ad51d1dc 7399a61617c62e6abdf7995794bf73890bf71ba78ede993e4a678a92ed39326b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /4/6974664?var=tb1 HTTP/1.1
Host: ak.aubaigeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 93b13e508c44f0ee5ddcd21ca9d1447d
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Sat, 04 May 2024 07:21:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 04 May 2024 07:21:09 GMT
content-length: 13336
vary: Accept-Encoding
set-cookie: OAID=0080521404ea424be62be5da724414cf; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
oaidts=1714807269; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
|
|
| teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 | 167.71.12.129 | 200 OK | 0 B |
URL User Request GET HTTP/2 teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 IP: 167.71.12.129:443 ASN: #14061 DIGITALOCEAN-ASN
Certificate Issuer: Let's Encrypt Subject: teleastra.online Fingerprint: 9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81 Validity: Sat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: teleastra.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
location: https://ak.aubaigeep.com/4/6974664?var=tb1
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 04 May 2024 07:21:09 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
|
|
| ak.aubaigeep.com/4/6974664?var=tb1 | 23.36.76.241 | | 13 kB |
URL ak.aubaigeep.com/4/6974664?var=tb1 IP: 23.36.76.241:0 ASN: #20940 Akamai International B.V.
File type: HTML document, ASCII text, with very long lines (18247) Hash: 68f1afa48d26f46cd3d6f34f1edd2d8d 8a870c555f1799e2ebdbf597222c4b8f9f0442cb 4d4059a9396ed2cf262810fdc6c63258bdfdf79ff36d63062ad64ae4afebdd3d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /4/6974664?var=tb1 HTTP/1.1
Host: ak.aubaigeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 37b417bb14c95cc45b367f812622424b
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Sat, 04 May 2024 07:21:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 04 May 2024 07:21:09 GMT
content-length: 13343
vary: Accept-Encoding
set-cookie: OAID=008052e3803c4e52f19dd8191f941e95; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
oaidts=1714807269; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2
|
|