Report - teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB

Report Overview

Submitted URL
teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
IP
167.71.12.129
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-04 07:21:11
Access
public
Website Title
🔔👑
Final URL
teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155#
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
teleastra.online	unknown	2024-02-21	2024-03-21	2024-03-21	10 kB	72 kB	167.71.12.129
push-sdk.com	unknown	2022-10-25	2022-12-23	2024-05-03	874 B	16 kB	157.90.33.72
ak.aubaigeep.com	unknown	2024-04-10	2024-04-11	2024-04-18	1.1 kB	44 kB	23.36.76.241

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	aubaigeep.com	Sinkholed
2024-05-04	medium	aubaigeep.com	Sinkholed
2024-05-04	medium	aubaigeep.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155	192 B	2024-05-04	2024-05-04
Pretty URL teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 IP 167.71.12.129 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 09:21:13 Last Seen2024-05-04 09:21:13 Times Seen1 Hash 7bd17e764844503eed2c46a9369dafb0 68679ac43804a590fd73f0b07c14981b2f3d8c5d c3988092e0cbbeb900393a58c64e87cc94acbbc1049b510448de82bd06ff6ce4 Loading...

	teleastra.online/et/mbirr/treasure/jq.min.js	90 kB	2023-03-10	2024-05-18
Pretty URL teleastra.online/et/mbirr/treasure/jq.min.js IP 167.71.12.129 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24:46 Last Seen2024-05-18 09:11:37 Times Seen17908 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	push-sdk.com/f/sdk.js?z=1151252	53 kB	2024-02-06	2024-05-17
Pretty URL push-sdk.com/f/sdk.js?z=1151252 IP 157.90.33.72 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 12:08:15 Last Seen2024-05-17 11:33:16 Times Seen496 Hash f25dc1587ebc5a30e3ba48b7b40f7b42 f5729d7b87661e4a0eb540163437b888739a3887 00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5 Loading...

HTTP Transactions (15)

URL IP Response Size

teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155

167.71.12.129

200 OK

1.2 kB

URL User Request GET HTTP/2
teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
1.2 kB (1188 bytes)
Hash
73ebf575a5c72a7da3d6c34117c11f0d
bd052be44eb973c9ba851b1d24524a289277c0fb
eabf9aad92bbc47ad7f4dbc863990e4526a17c9581b0f4859c1256070878e6cd

HTTP Headers

GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 1188
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

teleastra.online/et/mbirr/treasure/style.css

167.71.12.129

200 OK

789 B

URL GET HTTP/3
teleastra.online/et/mbirr/treasure/style.css
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
789 B (789 bytes)
Hash
c4a25a0c178a6a80ec5e2a2ffc3a14b5
ef5cee2bc77a08526ef1d414792d374b691ce0c7
5a7f64651d5d030cc88fa76944ef4e8d6f4aecf6e2fae4b4194c253c7dea7e43

HTTP Headers

GET /et/mbirr/treasure/style.css HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "b42-66140d32-2b6322;br"
last-modified: Mon, 08 Apr 2024 15:28:50 GMT
content-type: text/css
content-length: 789
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

teleastra.online/et/mbirr/treasure/jq.min.js

167.71.12.129

200 OK

30 kB

URL GET HTTP/3
teleastra.online/et/mbirr/treasure/jq.min.js
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
30 kB (30254 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

HTTP Headers

GET /et/mbirr/treasure/jq.min.js HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "15f5b-63cc4204-2b6320;br"
last-modified: Sat, 21 Jan 2023 19:50:28 GMT
content-type: text/javascript
content-length: 30254
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

teleastra.online/et/mbirr/treasure/logo.png

167.71.12.129

200 OK

5.1 kB

URL GET HTTP/3
teleastra.online/et/mbirr/treasure/logo.png
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
PNG image data, 400 x 100, 8-bit colormap, non-interlaced
Size
5.1 kB (5125 bytes)
Hash
cedbdbc169f841fd72e58a028d8f9413
a3c4d559e12ef34eaa250c008c8a00b8fed50a27
58fa753a31fb10739ba08d21514853eb568c90661fa78e93682eb9bba4f2715b

HTTP Headers

GET /et/mbirr/treasure/logo.png HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "1405-66140c10-2b6321;;;"
last-modified: Mon, 08 Apr 2024 15:24:00 GMT
content-type: image/png
content-length: 5125
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

teleastra.online/et/mbirr/treasure/chest.webp

167.71.12.129

200 OK

17 kB

URL GET HTTP/3
teleastra.online/et/mbirr/treasure/chest.webp
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
RIFF (little-endian) data, Web/P image
Size
17 kB (16856 bytes)
Hash
bbf319937c815a6556d3ee7be880a6af
9cea0377a0c616b56f4a271258b6a1f771f408a1
39fc5099ed32373f652acc97c6870eb3203cb3a3fc493f8c61f2d22ac8aee41e

HTTP Headers

GET /et/mbirr/treasure/chest.webp HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "41d8-64b065e2-2b631c;;;"
last-modified: Thu, 13 Jul 2023 21:00:18 GMT
content-type: image/webp
content-length: 16856
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

teleastra.online/et/mbirr/treasure/chest2.webp

167.71.12.129

200 OK

11 kB

URL GET HTTP/3
teleastra.online/et/mbirr/treasure/chest2.webp
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
RIFF (little-endian) data, Web/P image
Size
11 kB (11332 bytes)
Hash
9cbe5a96c896f42ffe23952f67f4f714
f7e1b06c5640cab60c4da967a7a05d9fa2e55f9d
5fca88e911683cd72b4cb6518f145f296471a16b822c9fbe30d91de1b051b4cd

HTTP Headers

GET /et/mbirr/treasure/chest2.webp HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "2c44-64b06782-2b631d;;;"
last-modified: Thu, 13 Jul 2023 21:07:14 GMT
content-type: image/webp
content-length: 11332
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

teleastra.online/et/mbirr/treasure/favicon.png

167.71.12.129

200 OK

1.7 kB

URL GET HTTP/3
teleastra.online/et/mbirr/treasure/favicon.png
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1742 bytes)
Hash
8675c46b5471dc701777526762c9ff69
3fac264f96bfec52f1a17a2d0b82cca7f8c189ee
c881528a8ce48293f451e857509061cc510ff3dfb75cac8b3b48fb5908e4933b

HTTP Headers

GET /et/mbirr/treasure/favicon.png HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 07:20:46 GMT
etag: "6ce-64a45a68-2b631e;;;"
last-modified: Tue, 04 Jul 2023 17:44:08 GMT
content-type: image/png
content-length: 1742
accept-ranges: bytes
date: Sat, 04 May 2024 07:20:46 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

push-sdk.com/f/sdk.js?z=1151252

157.90.33.72

200 OK

15 kB

URL GET HTTP/2
push-sdk.com/f/sdk.js?z=1151252
IP
157.90.33.72:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
FingerprintDB:4D:3B:77:64:B4:DD:5C:20:07:53:34:81:42:A0:E7:99:CE:E7:EC
ValiditySun, 14 Apr 2024 03:34:47 GMT - Sat, 13 Jul 2024 03:34:46 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (53344), with no line terminators
Size
15 kB (14884 bytes)
Hash
f25dc1587ebc5a30e3ba48b7b40f7b42
f5729d7b87661e4a0eb540163437b888739a3887
00cc1d6f8359763349a09d2c5b32b6d1de9b0642a6838c22ee34e9b329447da5

HTTP Headers

GET /f/sdk.js?z=1151252 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: Angie
date: Sat, 04 May 2024 07:20:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 14884
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
vary: Accept-Encoding
X-Firefox-Spdy: h2

push-sdk.com/event?z=1151252

157.90.33.72

200 OK

0 B

URL POST HTTP/2
push-sdk.com/event?z=1151252
IP
157.90.33.72:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
FingerprintDB:4D:3B:77:64:B4:DD:5C:20:07:53:34:81:42:A0:E7:99:CE:E7:EC
ValiditySun, 14 Apr 2024 03:34:47 GMT - Sat, 13 Jul 2024 03:34:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=1151252 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 79
Origin: https://teleastra.online
DNT: 1
Connection: keep-alive
Referer: https://teleastra.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: Angie
date: Sat, 04 May 2024 07:20:48 GMT
content-length: 0
access-control-allow-origin: https://teleastra.online
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

167.71.12.129

200 OK

0 B

URL User Request GET HTTP/2
teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://ak.aubaigeep.com/4/6974664?var=tb1
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 04 May 2024 07:21:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ak.aubaigeep.com/4/6974664?var=tb1

23.36.76.241

13 kB

URL
ak.aubaigeep.com/4/6974664?var=tb1
IP
23.36.76.241:0
ASN
#20940 Akamai International B.V.

File type
HTML document, ASCII text, with very long lines (18247)
Size
13 kB (13341 bytes)
Hash
ee5f4e6a18ec38d21a578dc380628259
413dfd587b564b536a68293ebf9f09aad7e0c4b3
68163bade724562dee933d7b9558e862093cb5da7481604cc117488542269bd3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4/6974664?var=tb1 HTTP/1.1
Host: ak.aubaigeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: c453c5460211fe922671d382a0669845
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Sat, 04 May 2024 07:21:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 04 May 2024 07:21:09 GMT
content-length: 13341
vary: Accept-Encoding
set-cookie: OAID=008052b576ec4964f4aeaec33a56d135; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
oaidts=1714807269; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2

167.71.12.129

200 OK

0 B

URL User Request GET HTTP/2
teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: teleastra.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
location: https://ak.aubaigeep.com/4/6974664?var=tb1
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 04 May 2024 07:21:09 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

ak.aubaigeep.com/4/6974664?var=tb1

23.36.76.241

13 kB

URL
ak.aubaigeep.com/4/6974664?var=tb1
IP
23.36.76.241:0
ASN
#20940 Akamai International B.V.

File type
HTML document, ASCII text, with very long lines (18247)
Size
13 kB (13336 bytes)
Hash
32865e2348cf5e790096d8aae7830912
98f95ac5d6d9766f19bfa93cd5ba6ef5ad51d1dc
7399a61617c62e6abdf7995794bf73890bf71ba78ede993e4a678a92ed39326b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4/6974664?var=tb1 HTTP/1.1
Host: ak.aubaigeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 93b13e508c44f0ee5ddcd21ca9d1447d
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Sat, 04 May 2024 07:21:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 04 May 2024 07:21:09 GMT
content-length: 13336
vary: Accept-Encoding
set-cookie: OAID=0080521404ea424be62be5da724414cf; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
oaidts=1714807269; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2

167.71.12.129

200 OK

0 B

URL User Request GET HTTP/2
teleastra.online/et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155
IP
167.71.12.129:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectteleastra.online
Fingerprint9A:80:0A:6B:5E:87:0A:B6:F4:33:B6:96:34:D6:F4:1C:D7:A2:73:81
ValiditySat, 04 May 2024 05:24:13 GMT - Fri, 02 Aug 2024 05:24:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /et/mbirr/treasure/?key=eyJ0aW1lc3RhbXAiOiIxNzE0ODA3MjA3IiwiaGFzaCI6IjRhODhiNjQ2MTg1NTliZDk5NjM2YzA2N2M3Y2ZlODUyYmEyZTdjZGMifQ==&ccc=ET&ppp=PropellerAds:Popunder&tdom=www.mediaglobal.store&zoneid=7396724&bemobdata=c=ec7e96f5-57cf-44d2-8281-d29c376fc1e8..l=fabc8366-740a-4383-b1b9-36095954f02a..a=0..b=0..z=0.0009..e=810341347461443584..c1=7396724..c2=8075460..c3=ET..c4=satellite..c5=mtn-et..c6=other..c7=chrome..c8=85..c9=ethiotelecom..c10=Mozilla/5~BEMOB_DOT~0(Linux;Android8~BEMOB_DOT~0~BEMOB_DOT~0;SM-G950FBuild/R16NW)AppleWebKit/537~BEMOB_DOT~36(KHTML,likeGecko)Chrome/124~BEMOB_DOT~0~BEMOB_DOT~6367~BEMOB_DOT~54MobileSafari/537~BEMOB_DOT~36OPX/2~BEMOB_DOT~1..ts=1714807207155 HTTP/1.1
Host: teleastra.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: teleastra.online
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
location: https://ak.aubaigeep.com/4/6974664?var=tb1
content-type: text/html; charset=UTF-8
content-length: 0
date: Sat, 04 May 2024 07:21:09 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

ak.aubaigeep.com/4/6974664?var=tb1

23.36.76.241

13 kB

URL
ak.aubaigeep.com/4/6974664?var=tb1
IP
23.36.76.241:0
ASN
#20940 Akamai International B.V.

File type
HTML document, ASCII text, with very long lines (18247)
Size
13 kB (13343 bytes)
Hash
68f1afa48d26f46cd3d6f34f1edd2d8d
8a870c555f1799e2ebdbf597222c4b8f9f0442cb
4d4059a9396ed2cf262810fdc6c63258bdfdf79ff36d63062ad64ae4afebdd3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4/6974664?var=tb1 HTTP/1.1
Host: ak.aubaigeep.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 37b417bb14c95cc45b367f812622424b
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
expires: Sat, 04 May 2024 07:21:09 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 04 May 2024 07:21:09 GMT
content-length: 13343
vary: Accept-Encoding
set-cookie: OAID=008052e3803c4e52f19dd8191f941e95; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
oaidts=1714807269; expires=Sun, 04 May 2025 07:21:09 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type