| decidedlyenjoyableannihilation.com/68f5a38c?adb=n&dev=r&key=f9f04e429487bb9ba54c1aa49ea7bed4&kw=[%22video%22,%22player%22]&ojpqz=84&psid=CF-2967-new_1&refer=https://shitcjshit.com/e/crenAnLNI3n9?first=https://freecdn.online/user26454/subtitles/v2/5ec071e4e2c33.vtt%23iss=ODguMjEyLjE5LjE0Mg==&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=2&uuid=6cb0a169-aff2-4742-9ac7-9bf0947de8f6:3:1&v=24.4.3467 | 172.240.108.68 | | 1.7 kB |
URL: decidedlyenjoyableannihilation.com/68f5a38c?adb=n&dev=r&key=f9f04e429487bb9ba54c1aa49ea7bed4&kw=[%22video%22,%22player%22]&ojpqz=84&psid=CF-2967-new_1&refer=https://shitcjshit.com/e/crenAnLNI3n9?first=https://freecdn.online/user26454/subtitles/v2/5ec071e4e2c33.vtt%23iss=ODguMjEyLjE5LjE0Mg==&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=2&uuid=6cb0a169-aff2-4742-9ac7-9bf0947de8f6:3:1&v=24.4.3467
IP: 172.240.108.68:0
File type: HTML document, ASCII text, with very long lines (918)
Hash: 34eaef8f00e3cc7b7d9238b562f2de5c 59a220e459a2e1dabaeff6f6cc188cc0bbadacba 0e9afc43f52f348e2310278ce316c897dd448587c771124b686fcb1757e75d22
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /68f5a38c?adb=n&dev=r&key=f9f04e429487bb9ba54c1aa49ea7bed4&kw=[%22video%22,%22player%22]&ojpqz=84&psid=CF-2967-new_1&refer=https://shitcjshit.com/e/crenAnLNI3n9?first=https://freecdn.online/user26454/subtitles/v2/5ec071e4e2c33.vtt%23iss=ODguMjEyLjE5LjE0Mg==&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=2&uuid=6cb0a169-aff2-4742-9ac7-9bf0947de8f6:3:1&v=24.4.3467 HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 21:13:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17336349; expires=Thu, 18 Apr 2024 21:13:01 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzMzNjM0OSwiayI6ImY5ZjA0ZTQyOTQ4N2JiOWJhNTRjMWFhNDllYTdiZWQ0Iiwic2lkIjoiQ0YtMjk2Ny1uZXdfMSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTg4MzQzNSwicGlkIjo0ODI3ODAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzcsImFpZCI6MjgsInB0Ijo0LCJwayI6IjY4ZjVhMzhjIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NoaXRjanNoaXQuY29tL2UvY3JlbkFuTE5JM245P2ZpcnN0PWh0dHBzOi8vZnJlZWNkbi5vbmxpbmUvdXNlcjI2NDU0L3N1YnRpdGxlcy92Mi81ZWMwNzFlNGUyYzMzLnZ0dCNpc3M9T0RndU1qRXlMakU1TGpFME1nPT0iLCJhciI6W119fQ.lS7C2TjBhQSlLXK00hdf0YzyVNeBzE9TGbDNZ7V-png; expires=Wed, 17 Apr 2024 21:14:01 GMT
uid_id2=6cb0a169-aff2-4742-9ac7-9bf0947de8f6:3:1; expires=Wed, 24 Apr 2024 21:13:01 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c05f3925f49dacdae47734d07188d19
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
| decidedlyenjoyableannihilation.com/api/users?token=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&uuid=6cb0a169-aff2-4742-9ac7-9bf0947de8f6%3A3%3A1&pii=&in=false | 172.240.108.68 | 302 Found | 0 B |
URL (User Request, GET, HTTP/1.1): decidedlyenjoyableannihilation.com/api/users?token=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&uuid=6cb0a169-aff2-4742-9ac7-9bf0947de8f6%3A3%3A1&pii=&in=false
IP: 172.240.108.68:443
Certificate: Issuer Let's Encrypt; Subject decidedlyenjoyableannihilation.com; Fingerprint 04:5E:A7:2F:94:E4:08:88:66:15:BE:36:F0:95:99:2C:7B:DD:4F:6D; Validity Tue, 16 Apr 2024 13:55:09 GMT - Mon, 15 Jul 2024 13:55:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/users?token=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&uuid=6cb0a169-aff2-4742-9ac7-9bf0947de8f6%3A3%3A1&pii=&in=false HTTP/1.1
Host: decidedlyenjoyableannihilation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://decidedlyenjoyableannihilation.com/api/users?token=LzY4ZjVhMzhjP2tleT0wZjIyYzFmZDYwOWYxM2NiNzk0N2M4Y2FiZmUxYTkwZCZzdWJtZXRyaWM9MTczMzYzNDk
Cookie: u_pl=17336349; ain=eyJhbGciOiJIUzI1NiJ9.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.lS7C2TjBhQSlLXK00hdf0YzyVNeBzE9TGbDNZ7V-png; uid_id2=6cb0a169-aff2-4742-9ac7-9bf0947de8f6:3:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 21:13:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17336349
Set-Cookie: uid_id2=6cb0a169-aff2-4742-9ac7-9bf0947de8f6:3:1; expires=Wed, 24 Apr 2024 21:13:02 GMT
pdhtkv=true; expires=Thu, 18 Apr 2024 21:13:02 GMT
uncs=1; expires=Thu, 18 Apr 2024 21:13:02 GMT
pdhtkv28=true; expires=Thu, 18 Apr 2024 21:13:02 GMT
uncs28=1; expires=Thu, 18 Apr 2024 21:13:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52bb3d9e519a58fe69bad5e480cfc0db
Strict-Transport-Security: max-age=0; includeSubdomains
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17336349 | 13.107.213.53 | 403 Forbidden | 409 B |
URL (User Request, GET, HTTP/2): adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17336349
IP: 13.107.213.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate: Issuer Trustwave Holdings, Inc.; Subject affiliates.kindredplc.com; Fingerprint 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F; Validity Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File type: ASCII text, with CRLF line terminators
Hash: c350c6ecaaaa8973b6ead67556b8d526 11af81d580826687f5f90141d3475760bb9dbb18 7d92f87ecc881194699fbba91f1e42635355de6ad3f27628269bec89a47fd2df
GET /redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17336349 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://decidedlyenjoyableannihilation.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 17 Apr 2024 21:13:02 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240417T211302Z-17f9dd4c48btxgxmh00167mdfs000000019g000000003qkq
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
| adserving.unibet.com/favicon.ico | 13.107.246.53 | 403 Forbidden | 409 B |
URL (GET, HTTP/2): adserving.unibet.com/favicon.ico
IP: 13.107.246.53:443
ASN: #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17336349
Certificate: Issuer Trustwave Holdings, Inc.; Subject affiliates.kindredplc.com; Fingerprint 9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F; Validity Thu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
File type: ASCII text, with CRLF line terminators
Hash: 05a9bf38139b0686766c1f204c64abc6 04ec3b08c65e1007379009e0d9c58e0b065f6be7 d4f94697475b725e761e66643dfd533096549b38ba7bfa687a8f5493a2624234
GET /favicon.ico HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=15135578&sref=ADST&ADST=17336349
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Wed, 17 Apr 2024 21:13:02 GMT
content-type: text/html
content-length: 409
x-azure-ref: 20240417T211302Z-17f9dd4c48bdtt2tckkauf2nf800000001dg000000001hnf
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|