Report - ats.io

Report Overview

Submitted URL
ats.io
IP
167.71.81.63
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-10 13:15:10
Access
public
Website Title
ATS Sports Picks, Predictions & Best Bets - ATS.io
Final URL
ats.io/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
228

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
a.omappapi.com	5418	2020-03-16	2020-03-20	2024-05-09	6.9 kB	232 kB	194.242.11.186
www.google.no	25607	2001-02-26	2016-04-05	2024-05-09	576 B	578 B	142.250.74.131
to.getnitropack.com	17316	2018-04-24	2020-05-19	2024-05-08	1.3 kB	879 B	172.64.150.163
api.omappapi.com	5038	2020-03-16	2020-03-20	2024-05-09	849 B	42 kB	172.66.41.8
nitroscripts.com	unknown	2023-10-29	2023-11-20	2024-05-09	416 B	45 kB	172.64.154.248
ats.io	unknown	unknown	2019-04-15	2023-01-17	61 kB	947 kB	167.71.81.63
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	1.3 kB	180 kB	142.250.74.168
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-09	764 B	437 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed
2024-05-10	medium	ats.io	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	Size	First Seen	Last Seen
	nitroscripts.com/NBqRUzkcDFZyLbulDYSKKJaCHobbQKNs	44 kB	2024-05-10	2024-05-10
Pretty URL nitroscripts.com/NBqRUzkcDFZyLbulDYSKKJaCHobbQKNs IP 172.64.154.248 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-10 15:15:15 Times Seen2 Hash f504e649c9f3753d1bb836f9c907a429 5b5015e889e51dd36d26ce6b50f327132cb8b9e0 e63afec0e14a703312f354e5e69169d2429184578d95dc625eca46adccfd72d9 Loading...

	a.omappapi.com/app/js/19.b4e5b44b.min.js	4.3 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/19.b4e5b44b.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:16 Last Seen2024-05-20 11:53:10 Times Seen98 Hash 9b58d633106c72743af560dd8645e2e8 4053987ccac1d55e704ad44c6fe466c68a416aad 753fb193306c662fa5918a839c29e6ac2aa6f6bc9067897914f7f88cb0b7b13a Loading...

	ats.io/wp-content/themes/ats-reskin/js/lazysizes.js	8.8 kB	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/js/lazysizes.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:35 Times Seen4 Hash 2911eb297afe3c9144258747d32b0847 c860be2f0c452421882de5a409c3d2f951a5b333 7bb10289aacbb7de45faf7a85415dbed800fc492eceb1e05e210f96386916a12 Loading...

	ats.io/	157 B	2024-02-26	2024-05-18
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-26 22:56:28 Last Seen2024-05-18 11:56:43 Times Seen7 Hash 1f27975594a8b48639ac27cb9a030b38 7d51e04439beebae47e1fb8f92917b9ad0e9932e d03d5c10b4394c8e8c4576376a75be839021bc83febce82f32d386ce1eebc0be Loading...

	ats.io/	104 B	2024-04-12	2024-05-18
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-12 14:33:53 Last Seen2024-05-18 11:56:43 Times Seen5 Hash 42fded900379541fea9416e64475f812 e14a669e4eb65b99c30805100bd212a794fe8681 2959511725b0edb28e651707855db41447e3ca252296e3d6a99bd51b1af840f9 Loading...

	ats.io/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js	40 kB	2024-03-06	2024-05-20
Pretty URL ats.io/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-06 11:07:12 Last Seen2024-05-20 16:19:06 Times Seen271 Hash 684ba0b36cb26363cf696e27eac0cf08 574ee20736ef0f3093d9565658ff453cea82113a e48afa0ca2fdaed77ef3d14202f805ab16829b42e321b71635d538f9e9efa4e2 Loading...

	a.omappapi.com/app/js/28.b1a68bf1.min.js	3.5 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/28.b1a68bf1.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:17 Last Seen2024-05-20 11:53:09 Times Seen104 Hash 78e8b509c5881c2e7c8b7a019bd203cc 02b7e2debf2b05bc078bfbff070e795b518a0e62 7145f523095f6104f82d9dbd26409181378e073eecfa04beec262ae8e99fc02f Loading...

	a.omappapi.com/app/js/21.40afa0f2.min.js	2.1 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/21.40afa0f2.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:17 Last Seen2024-05-20 11:53:11 Times Seen102 Hash 6f0b49d1451a7545264d0c811edd1238 0bc9b3727578d59a26af90e24a596b382dc7575f dc5d4b967ffff9726af04edc42a6fd8c0d270e5d3cf4585ce67ddb2e63848935 Loading...

	ats.io/	397 B	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 49187b5fcb2652ff62ee8d201bfdb403 e921d82322543e523b2dcbd80ea4919848bd6cb3 7dbbe1113dedeb838c283ef7770630a0cb220163cffb458cbf9a2b07125486d6 Loading...

	ats.io/	158 B	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 9e0a1e61b3b1c3e101ba37e42c5d335e ab4b300ea8ecb37170ef4496ef1007947ac229d4 3e095f7bec3815895a2523178c258283d144fea43a198ae4b86caafc266c6814 Loading...

	www.googletagmanager.com/gtag/js?id=G-K0VX0N7KWX	322 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-K0VX0N7KWX IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-10 15:15:13 Times Seen2 Hash 655517ba52331cbf21043eb8253cc322 119c151697baf2c3fd7e4713547e37542a840d85 bf03e836b4a2a461df05bb419b740ae479f50c2c646c823d2debb241dc583832 Loading...

	a.omappapi.com/app/js/11.f24aae20.min.js	2.6 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/11.f24aae20.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:17 Last Seen2024-05-20 11:53:08 Times Seen96 Hash b46f25d9120b22c4f1ac405123a9f242 5e544b023d87067b8e4eca122444b1ef62362543 a8e8b78aa3a03c4da90595ae6701a7354f96b39eb7c2bfe8d48eea3c598a900e Loading...

	a.omappapi.com/app/js/16.f8b2cea4.min.js	1.3 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/16.f8b2cea4.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:16 Last Seen2024-05-20 11:53:09 Times Seen99 Hash 9eb031009c9fe89225eec208d6bd89e2 2aee95835dee95b0cfffebb26cfad4d8ffa27284 a6117ff5cc0820717586d0f2ca8695cad42bf4194bcd64bcfb089c868dd9f292 Loading...

	ats.io/	158 B	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 40a180f009cda28c5aa5e934872e5397 06f3ba83e8fae15a613e81f53e5b09d8766339c4 a2f947b1ed6c0ef00b0ca28aa2639c4840a2085a9862d7275ef9725a7129000d Loading...

	ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/script.js	332 B	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/script.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:35 Times Seen4 Hash 4752b36e19f304390cf0a74f84648649 017e2c79a1bfe604a17878d4e07d13a54f8711ff b54ef5b46a35b3ff3113948d74baed2e0640402efdfe3bb87fd94446b33796b8 Loading...

	a.omappapi.com/app/js/9.09463684.min.js	2.2 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/9.09463684.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:17 Last Seen2024-05-20 11:53:09 Times Seen103 Hash 10879e406c5b255321291f1faa99114a 75cf9a03287dead52cd2d23aaa0bd5e501be2535 85ac85413190c43521f591c1a6396da00ca53691e1f5efa474b98eb19355864e Loading...

	a.omappapi.com/app/js/26.ece538f7.min.js	1.7 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/26.ece538f7.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:16 Last Seen2024-05-20 11:53:10 Times Seen98 Hash 19dcfbedadc48d81d840e85741424037 e2e9128e506a945c8b2e80bc806dd1d245230b01 40f5fcdf443b5777b6c40b7bcfb16ffb819fb166c7fb03dc4d3051f298b3a0c5 Loading...

	a.omappapi.com/app/js/api.min.js	52 kB	2024-04-17	2024-05-20
Pretty URL a.omappapi.com/app/js/api.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 15:50:15 Last Seen2024-05-20 22:26:17 Times Seen342 Hash 346c4463d12bd2609a4bdc9618431927 491755fcfa8b0692945c325585a2a86c11eca97c 99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d Loading...

	a.omappapi.com/app/js/10.d6ea746c.min.js	34 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/10.d6ea746c.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:16 Last Seen2024-05-20 11:53:08 Times Seen96 Hash 718bf3d3193fce96ffc93b898aa93286 204eb7c16ee3a4e55a7b5c62a002ff6be38d9ab3 dd46cd5b40060d4af54ab1826b49823e50e5765743b99854f649cd3328df54fd Loading...

	ats.io/wp-content/themes/ats-reskin/plugins/tiny-slider/script.js	32 kB	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/plugins/tiny-slider/script.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:35 Times Seen4 Hash 290c5d756d24ec52d0b6e279735dbc15 1820adb8183a5d097c48e8173212b9485c979fe4 ba90e5516ba309ff8b4538a4e5c66edbda3cc34c21646904dad1e6991d281b1a Loading...

	ats.io/	236 B	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 70cac2fed753d734e8a0f0681304968b 1737963bc19af80ceed7112f4bdd8bb3603f9ca4 2f48de3f8497c7724a8edc265e000a9d119fc70795d6f5b92c5fa3a39caf3415 Loading...

	a.omappapi.com/app/js/20.41293cba.min.js	4.2 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/20.41293cba.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:16 Last Seen2024-05-20 11:53:10 Times Seen83 Hash dfc09777233627be3ba193d3b27f31ff a21ff1f9cd86d54410d942e7777967505ecf8b7e 9f4951170f17592fd277fcf1fb466699c0c6b653648f48e75f7b9be459eb68fb Loading...

	a.omappapi.com/app/js/27.b5b10bd4.min.js	6.5 kB	2024-04-17	2024-05-20
Pretty URL a.omappapi.com/app/js/27.b5b10bd4.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 15:50:13 Last Seen2024-05-20 11:53:09 Times Seen61 Hash 72c2f27e394afff5a826485fa4e1658d e254b2962b48bc35b95bf3c558e185eefc7f5754 76e0cb78cc3495b6f1d43ce22fcd3b86eb896c36449130fa6f57d5d78d24f326 Loading...

	a.omappapi.com/app/js/1.b1faf420.min.js	11 kB	2024-04-17	2024-05-20
Pretty URL a.omappapi.com/app/js/1.b1faf420.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 15:50:18 Last Seen2024-05-20 11:53:12 Times Seen94 Hash 1cb7e2d19c93b8b8fe259e58c02647f8 d13574d19e437e6029d00e5555f5f7ec10e93f46 8bea43a9ea37aa3cb1e00bdb138fb4d55b2f3b469914a3e6920b77d1eb114954 Loading...

	ats.io/	110 B	2023-03-12	2024-05-20
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 22:31:04 Last Seen2024-05-20 10:36:44 Times Seen1012 Hash 4e5ff8cd112333e739e563a49b4c49d0 4b2f15087893595b4d3c7e1eb5b5b2a04cf19d7c c960770914255fd4e96bc105e886b7e248a9a537a23f859f332d258980468111 Loading...

	ats.io/wp-content/themes/ats-reskin/js/jquery.js	97 kB	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/js/jquery.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:35 Times Seen4 Hash 6ca14ab7d643b39ce6ace2fd4742e28f 73d71bf2a7b3d9b71d80e7ed1d35e9a571b4bde3 28b3bfd75a9d6849e5e0f1ea65df296c737cc52233105b3bd96bd40b12b29493 Loading...

	ats.io/wp-content/themes/ats-reskin/layouts/bootstrap/js/carousel.js	22 kB	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/layouts/bootstrap/js/carousel.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:12 Last Seen2024-05-15 15:48:35 Times Seen4 Hash 3189cb7218a01f4285a27266b10add87 e1011cf67072608711f8fd7587324f4f9b6752b0 8b31db52eb59200ae6fc29c4ff731a33174c2d20be22eee8ca3954aad7019038 Loading...

	ats.io/	1.0 kB	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 3658cb887f15f0c1cdb5462c17ab57a0 50bf12f922dcc63086e1285834a127ada101771b d28ef6871c6169bb4a664652f96a716358b0c47a016cafc35bacb4b9f48c7bff Loading...

	a.omappapi.com/app/js/5.ad5ae419.min.js	17 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/5.ad5ae419.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:16 Last Seen2024-05-20 11:53:11 Times Seen190 Hash 3f585aa58b9495b3807256e46d072aea b65631e1fbe4b6a76cbcac88e196bc314eded80c 5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e Loading...

	ats.io/	349 B	2023-03-14	2024-05-16
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 18:23:26 Last Seen2024-05-16 10:29:27 Times Seen26 Hash f5f445208b8a644a465f31b799abcece 83976b635087abdc393baf218afefff25e8ae065 ddabc853d3ab5abe6875a915c87cb5ef3a65c2dd1096e9778aa8f8df15af2936 Loading...

	ats.io/	251 B	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 637e5d952e95dfa57f35655eef27cff2 2e04466452cbbb9da7b6c3ffdfa9fa548a317b0a cc7abd339cc95baedd86bb9cf5f36b76c558afbcc77eca23d19200d7352c38a5 Loading...

	ats.io/	1.0 kB	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-15 15:48:34 Times Seen2 Hash 24c7716e93737911c5cb59ad18ce68d4 b82731bc06280115de021dc64365bc1c6667a8d2 aee46ba6cee00e1268b43dbcbe5205559efdccc3c86a099f4d85349517584459 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PNFQC5P	202 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PNFQC5P IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-10 15:15:13 Times Seen2 Hash 7b89a6c30a2095130ac74732b5a143ce 598c4b33aafb1641c16f8caf1014391099db3170 98f0b7f2ca81176c136b27a4482cb2721294070838dba97b6116d02d21ecadee Loading...

	a.omappapi.com/app/js/32.b9065693.min.js	11 kB	2023-09-19	2024-05-20
Pretty URL a.omappapi.com/app/js/32.b9065693.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 07:48:19 Last Seen2024-05-20 11:53:11 Times Seen944 Hash 6fd48ead83fa7ab24afa74a2032e960c 082747f18091761fa46359c6fc6e3cc1920adc17 978277c7385002bbd8eca4f51d7bdac7424ef8c6d267066e36b018b25bf88f7a Loading...

	a.omappapi.com/app/js/0.3271ac0a.min.js	7.5 kB	2024-03-12	2024-05-20
Pretty URL a.omappapi.com/app/js/0.3271ac0a.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:05:17 Last Seen2024-05-20 11:53:10 Times Seen100 Hash 3538c9c5ce56b35fdc0efeee1777feae fea9ec368ec32ef1e5dbaad29ed8a50e55ce75bd 7ce730c88c3e9b94213f122d60df45837854975bb99a738f5a1c6890dd897fa5 Loading...

	ats.io/	703 B	2024-05-10	2024-05-15
Pretty URL ats.io/ IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-15 15:48:34 Times Seen2 Hash b4f02fdf6e9fee2277e8168a790baea5 7a30e4c61789928076ef91f724c24aafc003fe16 de1ffa15a996476c5b306152d33e5f0e4e112609b1eb1ad3a30eaa905bdbdb3a Loading...

	ats.io/wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.js	5.5 kB	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-15 15:48:35 Times Seen4 Hash a46630c63fb7822f24c09a3fcd566698 28fb0a4d0e9878a702a3ccf49f2a06e8427d22c7 edcc68fefeab4037e756dc3379f6bf08f4d195bf3351d406bcec2eb685eb0760 Loading...

	ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/script.js	836 B	2024-05-10	2024-05-15
Pretty URL ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/script.js IP 167.71.81.63 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 15:15:13 Last Seen2024-05-15 15:48:35 Times Seen4 Hash 78cb4e18ea61b2d5dc2e3471676f5046 d034ed88348e534efe69e72ab998603ca40cc499 4483df25a2559e0400b5721c82748d73a0c228051277285c9b1fc0d3cbd585bd Loading...

	a.omappapi.com/app/js/4.d8754c5b.min.js	49 kB	2024-04-17	2024-05-20
Pretty URL a.omappapi.com/app/js/4.d8754c5b.min.js IP 194.242.11.186 ASN #34989 ServeTheWorld AS Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 15:50:14 Last Seen2024-05-20 11:53:11 Times Seen96 Hash 4e296a8509946bf75c3f1f6c87b09116 43ff933f8c5f6310729dc3c17491e20494b125d4 0419af108684c7be468d5b2e8813d0f8c6a8dfe6e903f321fb5fb94b538f3f41 Loading...

HTTP Transactions (142)

URL IP Response Size

ats.io/

167.71.81.63

200 OK

63 kB

URL User Request GET HTTP/1.1
ats.io/
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
HTML document, ASCII text, with very long lines (8586)
Size
63 kB (62811 bytes)
Hash
3922cfac3396398b4f64ca21095cf2f7
09907c9b5c503ff7ec2aa2140286a0b6fbcd5f40
cc58ecf4b67e90388ac420812a89c415b00b81d7b61ab35c2d5c1a5683709b28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:43 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-store, no-cache, must-revalidate
X-Nitro-Cache: MISS
X-Nitro-Disabled-Reason: page type not allowed (home)
X-Nitro-Disabled: 1
Set-Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Link: <https://ats.io/wp-json/>; rel="https://api.w.org/", <https://ats.io/wp-json/wp/v2/pages/121173>; rel="alternate"; type="application/json", <https://ats.io/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ats.io/wp-includes/css/dist/block-library/style.min.css

167.71.81.63

200 OK

15 kB

URL GET HTTP/1.1
ats.io/wp-includes/css/dist/block-library/style.min.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text, with very long lines (59701)
Size
15 kB (14991 bytes)
Hash
51a8390b47aa0582cf2d9c96c5addee2
b16a640874025d085c38119a1a02a3460f83f2de
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 05 Apr 2024 13:17:14 GMT
ETag: "1bae5-61559463b1908-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 14991
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/plugins/writenow/public/css/eva-frontend.css

167.71.81.63

200 OK

574 B

URL GET HTTP/1.1
ats.io/wp-content/plugins/writenow/public/css/eva-frontend.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
574 B (574 bytes)
Hash
e11748218ec57aa10af76cbec9507a67
542cef722c827ff9dfbe7cdd95b7e80ee73c2056
7f9e9210850d9fa93cacb6acd31030d97934707b8cc3635d7389ee4c33dcd9d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/writenow/public/css/eva-frontend.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "800-617c950f7fd82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 574
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.css

167.71.81.63

200 OK

1.6 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text, with very long lines (6265)
Size
1.6 kB (1558 bytes)
Hash
14dcb86139df3bcba7bcdd958a5eb4dd
93463042e2876e7923a569bcb88c37defced793a
acf0e44bef0125341e563676bdb0281716f6a8b22514738e18eeaa36f58ec7a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "192c-617c950fbf523-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1558
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css

167.71.81.63

200 OK

725 B

URL GET HTTP/1.1
ats.io/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text, with very long lines (2782), with no line terminators
Size
725 B (725 bytes)
Hash
78b10b5ab3274275e3ad29a5182c5053
67f4e3e6619d2a1aac209876d35e1eb74ef703b2
0d5f949fcf84560d013b596b51856d6bc487bedc510bc712e82458f00b2506e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "ade-617c950efa0de-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 725
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/css/beckman.css

167.71.81.63

200 OK

133 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/css/beckman.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
133 B (133 bytes)
Hash
ce53d79da8e699d9cffcd258206dd493
ed2e5da639d585faf98f7274a080306bc303a942
4c80723d40ba8df21bdce66d87eec66ff9cdf41839a666efc50022e9d2826139

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/css/beckman.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "10d-617c950f81cc2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 133
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/plugins/tiny-slider/style.css

167.71.81.63

200 OK

738 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/plugins/tiny-slider/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text, with very long lines (2121)
Size
738 B (738 bytes)
Hash
afcf365e904cab0605984cb0e73114aa
d362d2d6f372813e6e66009f005b459e40bbab1d
e9b8906a8b7540b8accfd2a491c0821d6bd6d8ccbd4ab53a56da8906ff028423

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/plugins/tiny-slider/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "882-617c950fbf523-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/layouts/bootstrap/css/bootstrap.css

167.71.81.63

200 OK

3.8 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/layouts/bootstrap/css/bootstrap.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
3.8 kB (3782 bytes)
Hash
edcd6bc73efb58eeee2d01273a367ce9
39a67ea2af2e1f452745ce65ee126a4b82dee8de
c5991c57d1561ae941915c231fbcb6a27828cc87af4e3f93178efa796173a7c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/layouts/bootstrap/css/bootstrap.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "51fa-617c950fbb6a3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 3782
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/css/desktop.css

167.71.81.63

200 OK

0 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/css/desktop.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/css/desktop.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "0-617c950f81cc2"
Accept-Ranges: bytes
Content-Length: 0
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/plugins/fontawesome/css/all.min.css

167.71.81.63

200 OK

13 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/plugins/fontawesome/css/all.min.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text, with very long lines (58392)
Size
13 kB (12674 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/plugins/fontawesome/css/all.min.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "e4d2-617c950fbb6a3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12674
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/css/reskin_global.css

167.71.81.63

200 OK

5.1 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
assembler source, ASCII text
Size
5.1 kB (5065 bytes)
Hash
a05f73c73bbcd7ffde74252884d66ad6
17a96e1e85eaf45c02fcf4ee9389aef1d335e905
d384b3651181a83af2aaee5ae6f1b7caa666bbf9043d533faf9bc4e86454f41d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/css/reskin_global.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "6342-617c950f81cc2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5065
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/todays-best/style.css

167.71.81.63

200 OK

600 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/todays-best/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
600 B (600 bytes)
Hash
a347e746a8d4dacbd9c39bf498ca16a0
481ef5ba5828616d8d872beb3333569208fa4f7f
102a836931aa542a24924d315e43c939bec796ac308dc3d8d82299c1f1d48c3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/todays-best/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "604-617c950fc1464-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 600
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/featured-post/style.css

167.71.81.63

200 OK

641 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/featured-post/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
641 B (641 bytes)
Hash
0f80e79c620dbae292ce2d987e1b3b4d
e35e47c54866daf05eb5aeed359e53f6543066c7
459f9b1e89c23a0075ad9fc115887c523f0260671eeb9b09a391bd5db86a07b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/featured-post/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "798-617c950fc04c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 641
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/style.css

167.71.81.63

200 OK

1.2 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
1.2 kB (1183 bytes)
Hash
37c23ecf0c83121f69bb6a8e54355508
1645f96bae329184cc35e43fed4e158258f74a46
88f8ce2c2ee9d044108d96a548faee4435fcd0f57f59005112aee10ad6180dee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "134c-617c950fc1464-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1183
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/list-of-posts/style.css

167.71.81.63

200 OK

640 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/list-of-posts/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
640 B (640 bytes)
Hash
790f3ee4c8e9b9e3a4e29bfea1b49f70
f02bd3b0d8d5ae86ed76e45a1763ddff18c163b0
fb0ac3f89d35ae6bd2953d2637aa3473f4b6fd6a80c38ca2a3b99dd937e0eb0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/list-of-posts/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "7b1-617c950fc04c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 640
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.googletagmanager.com/gtag/js?id=G-K0VX0N7KWX

142.250.74.168

200 OK

105 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-K0VX0N7KWX
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
105 kB (105076 bytes)
Hash
655517ba52331cbf21043eb8253cc322
119c151697baf2c3fd7e4713547e37542a840d85
bf03e836b4a2a461df05bb419b740ae479f50c2c646c823d2debb241dc583832

HTTP Headers

GET /gtag/js?id=G-K0VX0N7KWX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 13:14:44 GMT
expires: Fri, 10 May 2024 13:14:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/style.css

167.71.81.63

200 OK

1.1 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
1.1 kB (1068 bytes)
Hash
3280445e31730228a289e61376b91b09
c38e46543fc8998eeea8e7be836a8878f9e42ea3
3165503a3458486cfee58c9b6cfe7b65a7ce149fd461fa991425ba3e4e885a84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "db6-617c950fc04c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1068
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/text/style.css

167.71.81.63

200 OK

428 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/text/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
assembler source, ASCII text
Size
428 B (428 bytes)
Hash
a4087c1027400de360771d9163dd750e
47a6ba4c121192c7578af360ac1885e085620243
0cc67de2c2cc8a8afab3291d54107a993343800d385130fe22bc495f4065fde4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/text/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "3ce-617c950fc1464-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 428
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/title/style.css

167.71.81.63

200 OK

258 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/title/style.css
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text
Size
258 B (258 bytes)
Hash
13bcc6fe41ba90e23ba9b5dc1e85b5a1
d1c8f72a52950c3108c972946d34795660178763
a8804150f77b3b9a09a2239fb12779514cbf12e68c77e841ab4262cb3a55e221

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/title/style.css HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "1e6-617c950fc1464-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 258
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

ats.io/wp-content/themes/ats-reskin/js/lazysizes.js

167.71.81.63

200 OK

3.9 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/js/lazysizes.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8826), with no line terminators
Size
3.9 kB (3854 bytes)
Hash
2911eb297afe3c9144258747d32b0847
c860be2f0c452421882de5a409c3d2f951a5b333
7bb10289aacbb7de45faf7a85415dbed800fc492eceb1e05e210f96386916a12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/js/lazysizes.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "227a-617c950fbb6a3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 3854
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.js

167.71.81.63

200 OK

1.9 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5206)
Size
1.9 kB (1853 bytes)
Hash
a46630c63fb7822f24c09a3fcd566698
28fb0a4d0e9878a702a3ccf49f2a06e8427d22c7
edcc68fefeab4037e756dc3379f6bf08f4d195bf3351d406bcec2eb685eb0760

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/plugins/mm-menu/mmenu-light.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "1581-617c950fbf523-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 1853
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/themes/ats-reskin/plugins/tiny-slider/script.js

167.71.81.63

200 OK

13 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/plugins/tiny-slider/script.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text, with very long lines (31683)
Size
13 kB (12808 bytes)
Hash
290c5d756d24ec52d0b6e279735dbc15
1820adb8183a5d097c48e8173212b9485c979fe4
ba90e5516ba309ff8b4538a4e5c66edbda3cc34c21646904dad1e6991d281b1a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/plugins/tiny-slider/script.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "7d03-617c950fbf523-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 12808
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/themes/ats-reskin/js/jquery.js

167.71.81.63

200 OK

33 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/js/jquery.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
33 kB (33276 bytes)
Hash
6ca14ab7d643b39ce6ace2fd4742e28f
73d71bf2a7b3d9b71d80e7ed1d35e9a571b4bde3
28b3bfd75a9d6849e5e0f1ea65df296c737cc52233105b3bd96bd40b12b29493

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/js/jquery.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "17bb6-617c950fba703-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 33276
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/themes/ats-reskin/layouts/bootstrap/js/carousel.js

167.71.81.63

200 OK

5.5 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/layouts/bootstrap/js/carousel.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text
Size
5.5 kB (5453 bytes)
Hash
3189cb7218a01f4285a27266b10add87
e1011cf67072608711f8fd7587324f4f9b6752b0
8b31db52eb59200ae6fc29c4ff731a33174c2d20be22eee8ca3954aad7019038

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/layouts/bootstrap/js/carousel.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "54fc-617c950fbb6a3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 5453
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js

167.71.81.63

200 OK

10 kB

URL GET HTTP/1.1
ats.io/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text, with very long lines (40430), with no line terminators
Size
10 kB (10547 bytes)
Hash
684ba0b36cb26363cf696e27eac0cf08
574ee20736ef0f3093d9565658ff453cea82113a
e48afa0ca2fdaed77ef3d14202f805ab16829b42e321b71635d538f9e9efa4e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "9dee-617c950f117df-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 10547
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/script.js

167.71.81.63

200 OK

183 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/script.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text
Size
183 B (183 bytes)
Hash
4752b36e19f304390cf0a74f84648649
017e2c79a1bfe604a17878d4e07d13a54f8711ff
b54ef5b46a35b3ff3113948d74baed2e0640402efdfe3bb87fd94446b33796b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/sports-picks-and-predictions/script.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "14c-617c950fc1464-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 183
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/script.js

167.71.81.63

200 OK

405 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/script.js
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JavaScript source, ASCII text
Size
405 B (405 bytes)
Hash
78cb4e18ea61b2d5dc2e3471676f5046
d034ed88348e534efe69e72ab998603ca40cc499
4483df25a2559e0400b5721c82748d73a0c228051277285c9b1fc0d3cbd585bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/script.js HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:44 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "344-617c950fc04c3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 405
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ats.io/wp-content/uploads/2023/06/logo-366x226.png

167.71.81.63

200 OK

6.7 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/logo-366x226.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
6.7 kB (6652 bytes)
Hash
f5975253ca91b8bf4ce9522ddff690a4
8b5e7d0ce44268d0b72cf00724fca3ad3b6849ed
41def34f5e39fe448296b8fbe18bec3109e36086611eb6096fd9bd2c4c9e6e2a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/logo-366x226.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Wed, 21 Jun 2023 13:10:09 GMT
ETag: "19fc-5fea37cb64e40"
Accept-Ranges: bytes
Content-Length: 6652
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/themes/ats-reskin/images/time.svg

167.71.81.63

200 OK

781 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/time.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
781 B (781 bytes)
Hash
e0c3ac6811b29fc9f552a729b238fc94
920c23230a40aa82e67b8bee0aafefd5ee0292c6
5837c7be8726b6d3b4e7a55316481e7b020c2ba31d076b36df0020ab003401e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/time.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "30d-617c950fb9763"
Accept-Ranges: bytes
Content-Length: 781
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml

www.googletagmanager.com/gtm.js?id=GTM-PNFQC5P

142.250.74.168

200 OK

72 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-PNFQC5P
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4826)
Size
72 kB (71642 bytes)
Hash
7b89a6c30a2095130ac74732b5a143ce
598c4b33aafb1641c16f8caf1014391099db3170
98f0b7f2ca81176c136b27a4482cb2721294070838dba97b6116d02d21ecadee

HTTP Headers

GET /gtm.js?id=GTM-PNFQC5P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 13:14:45 GMT
expires: Fri, 10 May 2024 13:14:45 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71642
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ats.io/wp-content/themes/ats-reskin/images/odds-icon-fanduel.png

167.71.81.63

200 OK

658 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/odds-icon-fanduel.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
658 B (658 bytes)
Hash
cb0e9c6f57f222e006896538db5a0c07
b6e01219a9c4ffe06f9d7890d5fdf14b471b9a48
4c4c560bf1a25c592362555de0da97cfe0f969b45f0584cecb3e624660dbe4e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/odds-icon-fanduel.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "292-617c950fb58e3"
Accept-Ranges: bytes
Content-Length: 658
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/themes/ats-reskin/fonts/beckman/beckman.woff

167.71.81.63

200 OK

11 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/fonts/beckman/beckman.woff
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
Web Open Font Format, TrueType, length 11068, version 0.0
Size
11 kB (11068 bytes)
Hash
cab3d55aac59b66ef3ecda4bceba3b49
03779a9a5d0872e7b6ca7e8eeafea41db9a0fd4f
a2205fb0e1bc6aa2d3c689f850a6a01d0b78fc2d37d68a2db8b435071e3b5ce1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/fonts/beckman/beckman.woff HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/beckman.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "2b3c-617c950f81cc2"
Accept-Ranges: bytes
Content-Length: 11068
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff

ats.io/wp-content/uploads/2024/05/denver_nuggetsvsminnesota_timberwolves.png

167.71.81.63

200 OK

222 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2024/05/denver_nuggetsvsminnesota_timberwolves.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 1200x420, components 3
Size
222 kB (221637 bytes)
Hash
ef04716e27c851de78f05348e3734cab
7a33c035aff4addfb0c0db9e54e4f207ef8cd11d
f9610475066cca75d5068b3ad4b09bdeeedc0aa2390939cd080906bd643310c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/05/denver_nuggetsvsminnesota_timberwolves.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 10 May 2024 11:21:40 GMT
ETag: "361c5-61817bd5ba3ce"
Accept-Ranges: bytes
Content-Length: 221637
Access-Control-Allow-Origin: *
Vary: Accept
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2

167.71.81.63

200 OK

16 kB

URL GET HTTP/1.1
ats.io/wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:51:22 GMT
ETag: "3d80-617c95d5d0ad1"
Accept-Ranges: bytes
Content-Length: 15744
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

ats.io/?fd-action=get-logo&sport=mlb&team=chc&w=18

167.71.81.63

200 OK

840 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=chc&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
840 B (840 bytes)
Hash
836d5546104e26302720965eadfd08cb
075f75dde8426e755fe13adba2a86c95ae25af2f
c11b5ffd839f8f86b7b8e440acec1584091086eb302fa7b187ddb2e057a06bc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=chc&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 840
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/themes/ats-reskin/images/odds-icon-draft-king.png

167.71.81.63

200 OK

386 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/odds-icon-draft-king.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
386 B (386 bytes)
Hash
7e26699ea8567e27473f02db398f7072
76a8ab375ac1bc2be4fdf5031534c9330880c6b0
32073cf1d3b55ad76612acc46efc81fb5a21e31a3fd4041e38795be6a867083b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/odds-icon-draft-king.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "182-617c950fb58e3"
Accept-Ranges: bytes
Content-Length: 386
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=mlb&team=pit&w=18

167.71.81.63

200 OK

396 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=pit&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
396 B (396 bytes)
Hash
e186771a1fea529d5437bb7eedbdd576
e0468f076ccfd019997a0ee97f8360f7cee2df49
00bc4a445b865372750a69e98c6e80e8ec2f1dbdfeb1ebb0874335aa35c3f06c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=pit&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 396
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/themes/ats-reskin/plugins/fontawesome/webfonts/fa-solid-900.woff2

167.71.81.63

200 OK

79 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/plugins/fontawesome/webfonts/fa-solid-900.woff2
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79444, version 331.524
Size
79 kB (79444 bytes)
Hash
b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/plugins/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/plugins/fontawesome/css/all.min.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "13654-617c950fbf523"
Accept-Ranges: bytes
Content-Length: 79444
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2

ats.io/wp-content/themes/ats-reskin/images/home/dropdown-arrow.svg

167.71.81.63

200 OK

508 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/home/dropdown-arrow.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
508 B (508 bytes)
Hash
3e80eda2977c68410a51e2242d1a0e9c
02b825b8b6449464e8c63cd9521bf78788388723
c699c8873a85bf6652de82b2cacca3b8f050f495849a30569bcc5e2d631befb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/home/dropdown-arrow.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/template-parts/reskin-blocks/legal-map/style.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "1fc-617c950f84ba2"
Accept-Ranges: bytes
Content-Length: 508
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml

www.googletagmanager.com/gtm.js?id=

142.250.74.168

400 Bad Request

1.6 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1555 bytes)
Hash
fbe36eb2eecf1b90451a3a72701e49d2
ae56ea57c52d1153cec33cef91cf935d2d3af14d
e8f2ded5d74c0ee5f427a20b6715e65bc79ed5c4fc67fb00d89005515c8efe63

HTTP Headers

GET /gtm.js?id= HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 400 Bad Request
date: Fri, 10 May 2024 13:14:45 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ats.io/?fd-action=get-logo&sport=mlb&team=hou&w=18

167.71.81.63

200 OK

897 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=hou&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
897 B (897 bytes)
Hash
47c2584bf3200b7b0307ad79f5d5e513
622564b07a0a48af41130355a43a69f6d70a2a32
ba13e4ccfb29bc87b04759f92b51f51252147ee29e31915273f22652d58d066b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=hou&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 897
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=det&w=18

167.71.81.63

200 OK

668 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=det&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
668 B (668 bytes)
Hash
52040c87018adc347c111fbcdbb77b53
612f5b173ffa44cf8d6754b1bb03d7ee92e1cfc9
99c429fd352e7fe2b8300089d0ba5df317ada6ad501ef9ccf2659a55e1c14961

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=det&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 668
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/complianz/css/banner-1-optout.css?v=19

167.71.81.63

200 OK

3.0 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/complianz/css/banner-1-optout.css?v=19
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
ASCII text, with very long lines (16177), with no line terminators
Size
3.0 kB (2957 bytes)
Hash
a2c806faa68b78723eff3ce4ea0a68fd
0136f41c99ad4b03dc532253f437b52288929254
ed25b53bb6bbc9cc54dbabf4fe177ebf37143ca03049a8324152868b947662bd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/complianz/css/banner-1-optout.css?v=19 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 12 Apr 2024 07:47:12 GMT
ETag: "3f31-615e17acfe9e4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 2957
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

ats.io/?fd-action=get-logo&sport=mlb&team=tb&w=18

167.71.81.63

200 OK

559 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=tb&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
559 B (559 bytes)
Hash
2f40f01f5333965ecd1a62d7c8b68158
aa7e94fad5e79abf337c88b74c0e476718436ea8
8e4a19b3a602306df6344f69dd470150d0e2fac7525d9589f29398ce0e5151c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=tb&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 559
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=nyy&w=18

167.71.81.63

200 OK

846 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=nyy&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
846 B (846 bytes)
Hash
be8a7a45ced06fc8d3c619de08d06bbc
bac532f8d0e4e8bbdde8d863bbfaef914610c45c
e0b2c07d04c5087a79cc116f932a0b0ecc2f7e265fac9ffb448e33adad9a92e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=nyy&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 846
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=bal&w=18

167.71.81.63

200 OK

805 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=bal&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
805 B (805 bytes)
Hash
42c5865b3b2692cc7f6177cd433e6771
e75af5904353af222d0fe176ed38cda19e57e190
bc4c21abbd2baa43dc3ed18e886c99cd04b8452aaea18d18eb39f1ae6e2006a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=bal&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 805
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=ari&w=18

167.71.81.63

200 OK

666 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=ari&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
666 B (666 bytes)
Hash
081073d0d4d06cebad044039cf19e539
11d0cf75a55a0b06def99ab6f4158ae0085be891
4b7fc5715ca4364e0704a4cd07917b2bd89945df69ea84209f20a89b8fb3c48d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=ari&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 666
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/03/BetMGM-Bet-Get-Promo-570x198.webp

167.71.81.63

200 OK

22 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/03/BetMGM-Bet-Get-Promo-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (21796 bytes)
Hash
e36fa605500dcecd4e27a44ad305d320
dedf08c5272218eec4c498e2e222c366eaedc2e5
8cab51fa739cd8f36c368d4f30126ec70f8215b3bcd8816c9b45fdd9ed177bb1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/BetMGM-Bet-Get-Promo-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:15:32 GMT
ETag: "5524-5ff3060da8500"
Accept-Ranges: bytes
Content-Length: 21796
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=mlb&team=phi&w=18

167.71.81.63

200 OK

500 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=phi&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
500 B (500 bytes)
Hash
e6ba9cb19c8a9b427ca112452d2e1242
448e8226299b45ddb2b0114bc249f43f28c2dbe5
f9a0629c574e28ab9f55f78236ec38d140e3c074688cf84bb441bad1d1955d4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=phi&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 500
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=mia&w=18

167.71.81.63

200 OK

818 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=mia&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
818 B (818 bytes)
Hash
05c88163fc0b591eb5bfec803f528bc5
9d1a9de89757c9e5c531786e5c55c2e9cb6c5b49
89725d46a7c6dd815a8ed0544360e11b67253a4c1f1a987621f7358f6ec1213f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=mia&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 818
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2024/02/Logo-bg-black.png

167.71.81.63

200 OK

806 B

URL GET HTTP/1.1
ats.io/wp-content/uploads/2024/02/Logo-bg-black.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
806 B (806 bytes)
Hash
586880b4d529503154d76d227ac24fb4
761bceed6e74771183de87b1e11d963679acbcc6
0b827e7963d5a629d3af0d193b310d51e7929bbb1e667eb80c67422b19364bce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2024/02/Logo-bg-black.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Thu, 29 Feb 2024 14:12:24 GMT
ETag: "326-61285d92fc200"
Accept-Ranges: bytes
Content-Length: 806
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=mlb&team=bos&w=18

167.71.81.63

200 OK

695 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=bos&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
695 B (695 bytes)
Hash
17622ede97665bee9994991cbb59f7bb
36f29b5198665c0bb7ed59b426e2cefddcbda79f
5cb085fec7f5972f995091cf8519767dd8e134ecc5a01e8cb3598d5532f03d51

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=bos&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 695
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=wsh&w=18

167.71.81.63

200 OK

865 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=wsh&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
865 B (865 bytes)
Hash
f4aa5b647aa9d557c9c39775cc17299f
f4b796259a6a33eef2fa543a6d077fe78fbfe51c
8ce1ffd0d942ca963aa31942741b63bf0740247935b3202c48e09a24c3a85e3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=wsh&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 865
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=atl&w=18

167.71.81.63

200 OK

693 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=atl&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
693 B (693 bytes)
Hash
d2ccb7c411a9f4f0f43b7596430d94c4
d0336243ba5165b7c64c4442af86b4403420da46
e068431e218878f3d26f00de6833972043c51b65461fc6c7071d69eaa2cfe8a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=atl&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 693
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/Draftkings-1200x200-gold-medal-1024x171.webp

167.71.81.63

200 OK

8.3 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Draftkings-1200x200-gold-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.3 kB (8334 bytes)
Hash
3324c56a22dd32983f43a798421b0a08
3f77b7cf97644312a9fa08d364ea28ac0e91cfad
49bffce884c7b6ca5a725315d20bf78682186260aca75fd693775f468d013898

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Draftkings-1200x200-gold-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:30 GMT
ETag: "208e-5ff30644f8780"
Accept-Ranges: bytes
Content-Length: 8334
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/Caesars-sportsbook-silver-medal-1024x171.webp

167.71.81.63

200 OK

9.8 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Caesars-sportsbook-silver-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.8 kB (9798 bytes)
Hash
3aadfe9b58511947566dbb0d5cba67e5
d9a4649b050c4c3de90a34e4ff81bfed1811819c
44e238924965bff24df295a092991086037f9a61326f5ecd460029eb045a2449

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Caesars-sportsbook-silver-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:29 GMT
ETag: "2646-5ff3064404540"
Accept-Ranges: bytes
Content-Length: 9798
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/Bet365-1200x200-bronze-medal-1024x171.webp

167.71.81.63

200 OK

6.8 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Bet365-1200x200-bronze-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.8 kB (6760 bytes)
Hash
02317a31708ae657104f9e7bd3a427a4
8cf65308f7b614f585b9d2fbb5fd6695912939cc
3ab8d09b11e8b4d41f86b0db5e9cbf809b35f913bce11988e69e5d884708510a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Bet365-1200x200-bronze-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:29 GMT
ETag: "1a68-5ff3064404540"
Accept-Ranges: bytes
Content-Length: 6760
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/webp

region1.analytics.google.com/g/collect?v=2&tid=G-K0VX0N7KWX&gtm=45je4580v9106052545za200&_p=1715346884945&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=634407881.1715346885&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715346885&sct=1&seg=0&dl=https%3A%2F%2Fats.io%2F&dt=ATS%20Sports%20Picks%2C%20Predictions%20%26%20Best%20Bets%20-%20ATS.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2704

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-K0VX0N7KWX&gtm=45je4580v9106052545za200&_p=1715346884945&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=634407881.1715346885&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715346885&sct=1&seg=0&dl=https%3A%2F%2Fats.io%2F&dt=ATS%20Sports%20Picks%2C%20Predictions%20%26%20Best%20Bets%20-%20ATS.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2704
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-K0VX0N7KWX&gtm=45je4580v9106052545za200&_p=1715346884945&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=634407881.1715346885&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715346885&sct=1&seg=0&dl=https%3A%2F%2Fats.io%2F&dt=ATS%20Sports%20Picks%2C%20Predictions%20%26%20Best%20Bets%20-%20ATS.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2704 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ats.io
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://ats.io
date: Fri, 10 May 2024 13:14:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ats.io/?fd-action=get-logo&sport=mlb&team=cle&w=18

167.71.81.63

200 OK

794 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=cle&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
794 B (794 bytes)
Hash
ea60e72b57a31ee63c436fa94fbe249b
dbcb71f3ccdc7422303ec62704c645139ccee5be
cfc37775061254b1f59428f443f2e8489426b4d7c1d9f13c1a77e1a8bea6c75e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=cle&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 794
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=nym&w=18

167.71.81.63

200 OK

818 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=nym&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
818 B (818 bytes)
Hash
edcea1e26c702f655706a35752cea810
9039ae4bee677ac68a150bfb226be77cfd70aacf
d0ef58e8f5a89611a2a0ffb48d8f7e0d453738f9176383eceafefaa5ab8c3116

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=nym&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 818
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=chw&w=18

167.71.81.63

200 OK

803 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=chw&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
803 B (803 bytes)
Hash
980215599a1c8d5310a191bd5389de5e
f798fc607adf5af46810f3bbd036df58c56bc172
f96036000318095452ca4b32874209af730569eb6d9b25c076719c342ea4da8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=chw&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:45 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 803
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=stl&w=18

167.71.81.63

200 OK

791 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=stl&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
791 B (791 bytes)
Hash
c44e20efbd649339dc89fd9cc6e87465
3c99a5c5c3e67d888513f59e419fb63630837370
0d424d915fd8974aa75a09348055894cfe691446bbbdf86d97ff1560a8e657a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=stl&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 791
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=mil&w=18

167.71.81.63

200 OK

812 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=mil&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
812 B (812 bytes)
Hash
ef446d74bd41299a904ba97be55a054b
ab9ab30074eb34959751fb591bdf62d0f964c915
4f1e921735b960e21e96eb5d864c34146196fb8547225428d70b0937e6a517c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=mil&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 812
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=tex&w=18

167.71.81.63

200 OK

486 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=tex&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
486 B (486 bytes)
Hash
14d25f50cb2f15144bd95a4515101a69
18b63630f82f2f2f7c37c8b1be8535522da4eed5
3ed731e0fe9ad00fa1b48688236858c6c7c65d80bbc0b8855c8e40e1978aac47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=tex&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 486
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=col&w=18

167.71.81.63

200 OK

564 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=col&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
564 B (564 bytes)
Hash
809c87cf3a6bf734f09ca8ca52d89b83
ca914755866552fcf6fb359d1bbf3872b3620538
1e96a69cc8112da6449c9ceaebfb4dbcaf7121754f8893b6bda8f604ba229dfa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=col&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 564
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=kc&w=18

167.71.81.63

200 OK

711 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=kc&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
711 B (711 bytes)
Hash
218487f3f3332a2d80bec7c79087bf40
3368e88acc343839bb1f32830e19f634f2e2d6a4
d5ec6426d17c76339ef22499288f4983668e65f2e10f88972939cd2d777247a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=kc&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 711
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=laa&w=18

167.71.81.63

200 OK

584 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=laa&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
584 B (584 bytes)
Hash
44ccb8fdbc68adbe28a51b88bca9b77f
a52e5a430d47dacb99ed086276aebcc14137e333
3c1ff10837e3fe3cd0d5b21d846f4af5dfb696106edc29f1f54b52302faaa364

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=laa&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 584
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=sea&w=18

167.71.81.63

200 OK

729 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=sea&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
729 B (729 bytes)
Hash
e17113d2f9b89e2ca8ff52600f3187c4
86337125eb6f13c4c6378232cf4a0bbc2fe8dcca
aa397194ec832449637134a35e77988ba9442a5282a423336df4171be88a48fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=sea&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 729
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=oak&w=18

167.71.81.63

200 OK

728 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=oak&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
728 B (728 bytes)
Hash
9aa64264fd5607c1d14f684a4c365a82
1eb05db4081fc7e689d1585cc7b73a212c986660
a56cf21a59004b77c0e5f41c058d5b5f9c12c4067e5756c849ed4e372e46d975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=oak&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 728
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=lad&w=18

167.71.81.63

200 OK

556 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=lad&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
556 B (556 bytes)
Hash
ed90c5d0dc26fc276a8c7e2a2f2825a8
c66398914866f78758017870cc9ee910c56f45de
7992f52afe5d36aceef269bb54ef9ed86a048a0676a7c5dadca0a33926f7f36b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=lad&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 556
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=sd&w=18

167.71.81.63

200 OK

567 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=sd&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
567 B (567 bytes)
Hash
c527e9f2e65a5954074b8c7ee861decc
e6b4e2730ad281409c993a1b5d5c3579b76b2750
ff564ffd5059556879f204af50d0a3267918b9257d1a83c4954ab4cb30922929

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=sd&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 567
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=cin&w=18

167.71.81.63

200 OK

582 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=cin&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
582 B (582 bytes)
Hash
8ef461c9e6faa7b142c027387a419b0b
78acf05f6834025c6eaf296af7ba8b77689a6f69
a4442ddc7c3cc16b50343b020ae8c73636799ba6ae25cbe5566a77eff0f850e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=cin&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 582
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=nba&team=ind&w=18

167.71.81.63

200 OK

653 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nba&team=ind&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
653 B (653 bytes)
Hash
f41aa07c2821b86d46a573067552c865
38dabb059fff5e7eb959a80b370c44f61b6a4690
26a6a9b3945ef117619666dfc9edff13ca22959b649eab1e22e9d38f16c7e95b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nba&team=ind&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 653
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=mlb&team=sf&w=18

167.71.81.63

200 OK

727 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=sf&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
727 B (727 bytes)
Hash
ba03220e51be2793cb3c619baa929041
2f9f87b9bcb0b5c3507eecb535b0198a4610520c
a4e01f17a452ec898eccf36a086dd43b82309b20411928100cbac9b6982cb0f9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=sf&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 727
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=nba&team=ny&w=18

167.71.81.63

200 OK

702 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nba&team=ny&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
702 B (702 bytes)
Hash
0403cf5ab00e68afc643adbc658b2e68
9cc188fa48d479b40baa4043e81d6daf485cdd6f
40fb4aafbb19202e13f5ccbc60632272a00f10c7f03cc29d6ab8cfbc2d15443b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nba&team=ny&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 702
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=nba&team=den&w=18

167.71.81.63

200 OK

870 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nba&team=den&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
870 B (870 bytes)
Hash
15a7f5c350a011751405496b10e1512e
b7db89d1142bc71db3a0ff86d9fe4acfe8d7b439
d240b032c93dc613f45165dac0d585341709fe6621798b1b2f3f0d8b64b92cf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nba&team=den&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 870
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/Wow-vegas-casino-gold-medal-1024x171.webp

167.71.81.63

200 OK

7.6 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Wow-vegas-casino-gold-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.6 kB (7628 bytes)
Hash
e02b677373907fee09fcdb7527fd48a7
92ecd169a41d280e7a696fcb1d78355d1f65f3e1
528bb687de111a808df5c251d4b9a70120706d2bba391b462035b7ea8229d69a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Wow-vegas-casino-gold-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:17 GMT
ETag: "1dcc-5ff3063892a40"
Accept-Ranges: bytes
Content-Length: 7628
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=nba&team=min&w=18

167.71.81.63

200 OK

779 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nba&team=min&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
779 B (779 bytes)
Hash
6994ea94274af7127ee3bad58b899ae7
84acc8b89709d9f5923665f140d78ac2507f9f9a
d25460bc798764fd999f94637c37191d61c8f29669b0bad8bb78838da68a2468

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nba&team=min&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 779
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=nhl&team=fla&w=18

167.71.81.63

200 OK

876 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nhl&team=fla&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
876 B (876 bytes)
Hash
09780366fb20ef25f820993eb6b6ce29
dad73af092f92cd16836a2ac17ffe49a3d98473e
9e5fd617f1a74e69260a01e047005f72d368abd130ff2b30d2e1b5f5d88dc6d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nhl&team=fla&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 876
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/Stake.us-silver-medal-1024x171.webp

167.71.81.63

200 OK

6.4 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Stake.us-silver-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.4 kB (6352 bytes)
Hash
eaf93e6bc7853b8898381e942f455d8d
c82962f4993a39bfc962601401d282b8aee4fa65
d8d3e3a8050c7323cba219faad86efed02b564a574a84df0d3bc81e0d5caac8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Stake.us-silver-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:18 GMT
ETag: "18d0-5ff3063986c80"
Accept-Ranges: bytes
Content-Length: 6352
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/Pulsz-Casino-bronze-medal-1024x171.webp

167.71.81.63

200 OK

5.2 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Pulsz-Casino-bronze-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.2 kB (5158 bytes)
Hash
663a1f132523f6c7bb1f642678b1b670
b6530a3810b34a5cfaf1d0250d7a73a6a6ba6e0d
e4cbd593189dcd2d7ebfca8c1a2f20648d747d9e7d45977ae9cd65a41c110e66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Pulsz-Casino-bronze-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:20 GMT
ETag: "1426-5ff3063b6f100"
Accept-Ranges: bytes
Content-Length: 5158
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=nhl&team=bos&w=18

167.71.81.63

200 OK

687 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nhl&team=bos&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
687 B (687 bytes)
Hash
90295a99a4d2d368147ea1e902effacd
a63633ae5f5699dbcdac403df5d011c09691794b
9ba320e52d9bf049c24e4f3d7e3d91b5f76b446bd80bd57a3c5475e2ca01be7f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nhl&team=bos&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 687
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/Caesars-Casino-gold-medal-1024x171.webp

167.71.81.63

200 OK

8.6 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Caesars-Casino-gold-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.6 kB (8628 bytes)
Hash
b0f79d859b3e0e48c4154b7ac0c3e370
806479d919fd7096ec9dfd4915402b64ad4787f5
a713aa2b411d1c0ca5c4852309c76559083ff2071ec9474bb4ee1e5dbc81c01b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Caesars-Casino-gold-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:23 GMT
ETag: "21b4-5ff3063e4b7c0"
Accept-Ranges: bytes
Content-Length: 8628
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=nhl&team=edm&w=18

167.71.81.63

200 OK

838 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nhl&team=edm&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
838 B (838 bytes)
Hash
67d4ffc767b18e9e0181d191fd696d8f
ea8067217b910473a6a3f2c39a1761ae068ebd2c
37ff96c7c9f7b239240053bce64f129d2ad89ba44e6d2984aa855ed347e499ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nhl&team=edm&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 838
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png

ats.io/?fd-action=get-logo&sport=nhl&team=van&w=18

167.71.81.63

200 OK

819 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=nhl&team=van&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
819 B (819 bytes)
Hash
b05f66537cd6cd4f68b4d8fc5ad8051a
7fb5da09eb6d6663791bce9dfd7756cb8ac7990e
4594e3e5061f553d731602d99a85d0e6f2a216649f8a1bf78e8b657ddaa6fe5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=nhl&team=van&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:46 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 819
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/Betmgm-Casino-Silver-medal-1024x171.webp

167.71.81.63

200 OK

7.0 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/Betmgm-Casino-Silver-medal-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.0 kB (7028 bytes)
Hash
8a43b56ffb4f3e9824561235ec46f491
b4cdac5bf28f911fa4f11f34b10837ee0272cda3
ed61b33c88012897039116c415127ce1ddfa1badd4d9efbf10f9e9b52ea6c572

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/Betmgm-Casino-Silver-medal-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:16:24 GMT
ETag: "1b74-5ff3063f3fa00"
Accept-Ranges: bytes
Content-Length: 7028
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/12/Draftkings-casino-1-1024x171.png

167.71.81.63

200 OK

13 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/12/Draftkings-casino-1-1024x171.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
13 kB (13184 bytes)
Hash
c8f354dad18a985e2e26e13d2590ec92
c10512c97437325d3b107df5bbc0d6f647d95ba5
55059ee8e60fe2658c75fdc11f96de446bce256327a81aed84d57921201338ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/12/Draftkings-casino-1-1024x171.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Sat, 30 Dec 2023 16:26:32 GMT
ETag: "3380-60dbc9c909e00"
Accept-Ranges: bytes
Content-Length: 13184
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/09/parlay-plus-logo-1024x171.webp

167.71.81.63

200 OK

7.8 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/09/parlay-plus-logo-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.8 kB (7840 bytes)
Hash
b37be6170da88f6c6df09c8ec1814c73
0ae7220afdefab96bc2253a54ef9653bf7dc79b0
58db6b64030d33ae8e58139465323332a0d84127dfe502aa9a1c9c6a22a1ab66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/09/parlay-plus-logo-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 26 Sep 2023 10:43:45 GMT
ETag: "1ea0-60640bfc07a40"
Accept-Ranges: bytes
Content-Length: 7840
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/09/ownersbox-dfs-logo-1024x171.webp

167.71.81.63

200 OK

6.7 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/09/ownersbox-dfs-logo-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.7 kB (6678 bytes)
Hash
88d4c9762eaa125ad150b3de3862c397
54efedd6310e305795db865a88035e842dc4c8ac
355e35da6f17cb14e1c8e680761bd4345083f51462ed4a016e53204cb1a1c924

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/09/ownersbox-dfs-logo-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 26 Sep 2023 10:43:55 GMT
ETag: "1a16-60640c05910c0"
Accept-Ranges: bytes
Content-Length: 6678
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/09/Underdog-fantasy-dfs-1024x171.webp

167.71.81.63

200 OK

7.2 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/09/Underdog-fantasy-dfs-1024x171.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x171, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.2 kB (7154 bytes)
Hash
a85880521b532c8cc4d28f37fc814d75
ce0ca9889463e5bc8a54dacfbd38d3c6b2c840be
c4ba3b648116aa25a18757086910636b8c2e0b3a642694d24cb32723f97aee38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/09/Underdog-fantasy-dfs-1024x171.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 26 Sep 2023 10:44:03 GMT
ETag: "1bf2-60640c0d322c0"
Accept-Ranges: bytes
Content-Length: 7154
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/MLB-Best-Bets-Today-257x90.webp

167.71.81.63

200 OK

6.1 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/MLB-Best-Bets-Today-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.1 kB (6144 bytes)
Hash
2f26a6747756e4769d097d6a76a795d6
46e66bf61b72b66696eab56f85517fb1effc7e41
5d897063666ae7b0e6c896244e8fd9a3055279b3c2f907d1d0f0c432cab5bff1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/MLB-Best-Bets-Today-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:25:20 GMT
ETag: "1800-5ff3083e6b000"
Accept-Ranges: bytes
Content-Length: 6144
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/MLB-NRFI-Bets-257x90.webp

167.71.81.63

200 OK

4.4 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/MLB-NRFI-Bets-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.4 kB (4424 bytes)
Hash
fe1cd66cab5d103526002a15b2f12ab0
63b81a6dad3282ce1b9b6467db2a8f2ca6c9f5db
d89b33a19ed64d982c4b8afe21ee81e58b825233f3b80c03c9360f0e32e8ef13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/MLB-NRFI-Bets-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:20:09 GMT
ETag: "1148-5ff30715d3440"
Accept-Ranges: bytes
Content-Length: 4424
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/mlb-parlay-of-the-day-257x90.webp

167.71.81.63

200 OK

5.8 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/mlb-parlay-of-the-day-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.8 kB (5772 bytes)
Hash
3e00ae6480291b3cf32fc2e98f27d9d7
0565d5b61842f749d7e05ba2ec122a8028d99ad7
95385f58792131053324f1b322dc9c04d2658344096c39343afedb6f5948227f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/mlb-parlay-of-the-day-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:24:48 GMT
ETag: "168c-5ff3081fe6800"
Accept-Ranges: bytes
Content-Length: 5772
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/nhl-best-bets-257x90.webp

167.71.81.63

200 OK

6.0 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/nhl-best-bets-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.0 kB (6004 bytes)
Hash
e09ff551843dbca732bf36e9837ce3ab
08b15250cc7731c72996c0be4abb4789c36a1955
2b568917f36e13925c1556abf53d011ebf377542a90987dc86389be59baa75fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/nhl-best-bets-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:24:42 GMT
ETag: "1774-5ff3081a2da80"
Accept-Ranges: bytes
Content-Length: 6004
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/nba-best-bets-257x90.webp

167.71.81.63

200 OK

6.3 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/nba-best-bets-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.3 kB (6284 bytes)
Hash
6b568c68fa8cc9d05c3ed5ff25be8d7d
8c3fdf33038c92ba152ffaa4e65ff95b25030d99
99db6c6dbf346bf0bb85f6afa33e9b4a7deedf8dcb45ae493a59700c709991e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/nba-best-bets-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:24:47 GMT
ETag: "188c-5ff3081ef25c0"
Accept-Ranges: bytes
Content-Length: 6284
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/nba-props-257x90.webp

167.71.81.63

200 OK

6.2 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/nba-props-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.2 kB (6156 bytes)
Hash
19deead36f17df953af3464f23a48bc6
cf5e2940faae5b3e321af6840fd8ea67c2293db7
11f3458e253ff3e3f45b2a0ecbd02250c1766fe3f6de12142fe24720d4a6a4ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/nba-props-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:24:43 GMT
ETag: "180c-5ff3081b21cc0"
Accept-Ranges: bytes
Content-Length: 6156
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/06/nba-first-baskets-257x90.webp

167.71.81.63

200 OK

7.6 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/nba-first-baskets-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.6 kB (7552 bytes)
Hash
c041564140db382ce56eeda60d456cf8
e2f0c4c93d067ece921df7591181d53649cf748d
d20bfa097aa9b75a4afd2879a83b406cd4c2803c98dd61aebbec808b33296b92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/nba-first-baskets-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:24:46 GMT
ETag: "1d80-5ff3081dfe380"
Accept-Ranges: bytes
Content-Length: 7552
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=mlb&team=min&w=18

167.71.81.63

200 OK

827 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=min&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
827 B (827 bytes)
Hash
90b44d2346424b6b3b919d075e788be5
4fdfa5b973ff803acd2f5ecc0bf754deb78be86a
1bd4cec8bbb8a8da4df25979afc89ca5b081d73579ac5288e1d6ca39d3b7cfb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=min&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 827
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/nba-parlay-of-the-day-257x90.webp

167.71.81.63

200 OK

6.8 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/nba-parlay-of-the-day-257x90.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 257x90, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.8 kB (6796 bytes)
Hash
e187c3ec5323b81c6f606f456fbe9b17
bc191851610665c21a873b65d0eb0e065d39e7a3
4e5014853ae451d4337c0f22cf07a4340f95bb15d5fdcf01003ff367b8218d3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/nba-parlay-of-the-day-257x90.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:24:44 GMT
ETag: "1a8c-5ff3081c15f00"
Accept-Ranges: bytes
Content-Length: 6796
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/03/Bet365-Bet-Get-Promo-570x198.webp

167.71.81.63

200 OK

17 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/03/Bet365-Bet-Get-Promo-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
17 kB (17286 bytes)
Hash
c6cacdf30d8657c8a550a517e789a584
7907b9b67c36553eb996cc976f75e84dffc8e98e
e7d548d23e4fe2276ad3dacc656fd8c65a114ad87f01fb3bafeebb2f87611139

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/Bet365-Bet-Get-Promo-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:15:33 GMT
ETag: "4386-5ff3060e9c740"
Accept-Ranges: bytes
Content-Length: 17286
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/09/Caesars-Palace-casino-no-deposit-bonus-570x198.webp

167.71.81.63

200 OK

20 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/09/Caesars-Palace-casino-no-deposit-bonus-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (19732 bytes)
Hash
94fa9ba7f187f7bb28a51359f631e02f
bd7ea192c9128e1cb3939bc1bbda23e8982a9fbf
148231ceb63c26b0fab4e1b587e29f09b60d61208115fc86f1983a40541ce85a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/09/Caesars-Palace-casino-no-deposit-bonus-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 25 Sep 2023 14:32:52 GMT
ETag: "4d14-6062fd54bad00"
Accept-Ranges: bytes
Content-Length: 19732
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/webp

ats.io/?fd-action=get-logo&sport=mlb&team=tor&w=18

167.71.81.63

200 OK

554 B

URL GET HTTP/1.1
ats.io/?fd-action=get-logo&sport=mlb&team=tor&w=18
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced
Size
554 B (554 bytes)
Hash
c860baa6c5b641a984c619ba466f8255
e2f4d84159813d81819e5b6861997bb75ac8f897
51dbf7890cca4300de98caa6ef72478c2712e39f0c52492e7f2341101de857d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fd-action=get-logo&sport=mlb&team=tor&w=18 HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 554
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png

ats.io/wp-content/uploads/2023/06/BetMGM-Casino-No-Deposit-Bonus-570x198.webp

167.71.81.63

200 OK

18 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/06/BetMGM-Casino-No-Deposit-Bonus-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
18 kB (17848 bytes)
Hash
95aaf349899c177620f51ef754d84984
56688d88b6ca91aa0b7c00f4ec1f42d5f8443bcb
18377473ff0ed241f811cae61e2689200ff40b04b299237fe01fc3d3abf862ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/BetMGM-Casino-No-Deposit-Bonus-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:15:27 GMT
ETag: "45b8-5ff30608e39c0"
Accept-Ranges: bytes
Content-Length: 17848
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/themes/ats-reskin/images/social-media-facebook.svg

167.71.81.63

200 OK

548 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/social-media-facebook.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
548 B (548 bytes)
Hash
bcc69a3f2d5f52d200004dfd28b13f25
b34b334e3b1cb7b94aed690447fba888a3b55e31
45cd58a13f8c79a1cca93484630eceeb93fa63636703a8460bb32a8a2d885975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/social-media-facebook.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "224-617c950fb6883"
Accept-Ranges: bytes
Content-Length: 548
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/svg+xml

ats.io/wp-content/themes/ats-reskin/images/social-media-instagram.svg

167.71.81.63

200 OK

1.8 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/social-media-instagram.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1770 bytes)
Hash
a3e4f7b0c7d4d7b319c411000b004040
7d2395b37a0ac68e25815fcc9a3b4ebb57410628
cd5032e2e38a620af356fd9c8f2a00687083fb6e0a1248535a0993330fd59f26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/social-media-instagram.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "6ea-617c950fb6883"
Accept-Ranges: bytes
Content-Length: 1770
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/svg+xml

ats.io/wp-content/themes/ats-reskin/images/social-media-tiktok.svg

167.71.81.63

200 OK

634 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/social-media-tiktok.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
634 B (634 bytes)
Hash
62f8f16e4f509fc0de2013d7d9b4530c
145a233d6d49498d9b6e3388271afc1171e34e74
1a70484e0ae18dc81734014b66a0639e6bab2399b7ea812d6366452e02aadfa0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/social-media-tiktok.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "27a-617c950fb6883"
Accept-Ranges: bytes
Content-Length: 634
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/svg+xml

ats.io/wp-content/themes/ats-reskin/images/social-media-x.svg

167.71.81.63

200 OK

557 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/social-media-x.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
557 B (557 bytes)
Hash
6886db579c4a281aea351ea8d3108b37
a399b53bcffe50ef0121907cdbc20abb5287ce23
4604322d602189ae86011dc80a53c9ec0c10c6ff90ea94eef0d86e3150fbe6fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/social-media-x.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "22d-617c950fb6883"
Accept-Ranges: bytes
Content-Length: 557
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/svg+xml

ats.io/wp-content/themes/ats-reskin/images/social-media-youtube.svg

167.71.81.63

200 OK

717 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/social-media-youtube.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
717 B (717 bytes)
Hash
7787c9fa6f142c5bbb344d353c3f1053
c525ca3270bb7b8bb1cb4c6a8aa9dd90fc6efc16
713db4306fd7791599e1d33f4f2a3c5930fb8289083dc68d8280d9f0e46c9f0d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/social-media-youtube.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "2cd-617c950fb6883"
Accept-Ranges: bytes
Content-Length: 717
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/svg+xml

ats.io/wp-content/themes/ats-reskin/images/social-media-threads.svg

167.71.81.63

200 OK

2.1 kB

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/social-media-threads.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
2.1 kB (2095 bytes)
Hash
9b30371248717f133e13490620afba64
68f7b0a48a50bc631b1f4073f853fa40364cbc08
d197dcd825e429212fc54944ea8a204512244357c97f12fed89f45ce4d4c1903

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/social-media-threads.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/wp-content/themes/ats-reskin/css/reskin_global.css
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "82f-617c950fb6883"
Accept-Ranges: bytes
Content-Length: 2095
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/svg+xml

a.omappapi.com/app/js/4.d8754c5b.min.js

194.242.11.186

200 OK

15 kB

URL GET HTTP/2
a.omappapi.com/app/js/4.d8754c5b.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (49194)
Size
15 kB (15191 bytes)
Hash
4e296a8509946bf75c3f1f6c87b09116
43ff933f8c5f6310729dc3c17491e20494b125d4
0419af108684c7be468d5b2e8813d0f8c6a8dfe6e903f321fb5fb94b538f3f41

HTTP Headers

GET /app/js/4.d8754c5b.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"661cddb4-c05a"
last-modified: Mon, 15 Apr 2024 07:56:36 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: e63a13d7df5419246c174046003820e0
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K0VX0N7KWX&cid=634407881.1715346885&gtm=45je4580v9106052545za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=195061498

142.250.74.131

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K0VX0N7KWX&cid=634407881.1715346885&gtm=45je4580v9106052545za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=195061498
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K0VX0N7KWX&cid=634407881.1715346885&gtm=45je4580v9106052545za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=195061498 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 May 2024 13:14:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ats.io/wp-content/uploads/2023/05/favicon-1.png

167.71.81.63

200 OK

422 B

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/05/favicon-1.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
422 B (422 bytes)
Hash
5eb41dc5edc3a2e0f87efcf2a852f040
6b0cc68b3def5edbeda5b1c0333f2e0d08fc204f
d729cbdb2acb2f87c1a0098e42fd14b69b9204268df8364e75ff364ea9aa42ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/05/favicon-1.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Wed, 31 May 2023 03:42:55 GMT
ETag: "1a6-5fcf51d75cdc0"
Accept-Ranges: bytes
Content-Length: 422
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/05/favicon-1.png

167.71.81.63

200 OK

422 B

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/05/favicon-1.png
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
422 B (422 bytes)
Hash
5eb41dc5edc3a2e0f87efcf2a852f040
6b0cc68b3def5edbeda5b1c0333f2e0d08fc204f
d729cbdb2acb2f87c1a0098e42fd14b69b9204268df8364e75ff364ea9aa42ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/05/favicon-1.png HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Wed, 31 May 2023 03:42:55 GMT
ETag: "1a6-5fcf51d75cdc0"
Accept-Ranges: bytes
Content-Length: 422
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/03/Caesars-First-Bet-on-Caesar-Promo-570x198.webp

167.71.81.63

200 OK

22 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/03/Caesars-First-Bet-on-Caesar-Promo-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (21466 bytes)
Hash
bfb254b3f17785237997a90fec6368da
68d78708faaacea3f9a7e5a7c31ed39f8293e65b
a4ea50353997cb2ebbcbecd8d58b58242488352346b13e43dec97d428a2adfc3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/Caesars-First-Bet-on-Caesar-Promo-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:15:31 GMT
ETag: "53da-5ff3060cb42c0"
Accept-Ranges: bytes
Content-Length: 21466
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/08/stake-us-no-deposit-bonus-570x198.webp

167.71.81.63

200 OK

22 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/08/stake-us-no-deposit-bonus-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
22 kB (21754 bytes)
Hash
9b2c8e570cc4839156b10b9d1dfa6e37
e95cb93328a16543413630cee61c197a5463f763
ff2c877d7327944e716973db84ca2b531fe6eded4a355e4eb74b50aad62df771

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/08/stake-us-no-deposit-bonus-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 21 Aug 2023 14:45:34 GMT
ETag: "54fa-6036fee44bf80"
Accept-Ranges: bytes
Content-Length: 21754
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/webp

ats.io/wp-content/uploads/2023/03/DraftKings-Bet-Get-Promo-570x198.webp

167.71.81.63

200 OK

20 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/03/DraftKings-Bet-Get-Promo-570x198.webp
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
20 kB (20022 bytes)
Hash
d23386c9aedbd415b019fb18ab1e1872
e80ef32afcf10e33257cd41f86114dfe0877d4d8
076ea4666a5367cee8a86a0cd16d2f95c8169d1aa5cb8624b1c094770c057f4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/03/DraftKings-Bet-Get-Promo-570x198.webp HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 28 Jun 2023 13:15:30 GMT
ETag: "4e36-5ff3060bc0080"
Accept-Ranges: bytes
Content-Length: 20022
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/webp

a.omappapi.com/app/js/16.f8b2cea4.min.js

194.242.11.186

200 OK

36 kB

URL GET HTTP/2
a.omappapi.com/app/js/16.f8b2cea4.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (1264)
Size
36 kB (35669 bytes)
Hash
9eb031009c9fe89225eec208d6bd89e2
2aee95835dee95b0cfffebb26cfad4d8ffa27284
a6117ff5cc0820717586d0f2ca8695cad42bf4194bcd64bcfb089c868dd9f292

HTTP Headers

GET /app/js/16.f8b2cea4.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08c8b-51f"
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
cdn-storageserver: SE-583
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: bc18eb151453d760ebe814f8b8fc0f37
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

to.getnitropack.com/ub

172.64.150.163

200 OK

20 B

URL POST HTTP/2
to.getnitropack.com/ub
IP
172.64.150.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ats.io/
Certificate
IssuerCloudflare, Inc.
Subjectgetnitropack.com
Fingerprint89:57:01:C8:ED:F6:B9:A1:87:A4:CD:61:26:BC:50:B8:92:DA:D3:03
ValiditySat, 13 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
c23d32bc84330ad96c990858c2eb1235
3e5b07d19cb12ba27e5777030db284a0abe5209e
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4

HTTP Headers

POST /ub HTTP/1.1
Host: to.getnitropack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 338
Origin: https://ats.io
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:47 GMT
content-type: text/plain; charset=utf-8
content-length: 20
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881a31c0ebbbb50c-OSL
X-Firefox-Spdy: h2

ats.io/wp-content/themes/ats-reskin/images/home/states/Arizona.svg

167.71.81.63

200 OK

658 B

URL GET HTTP/1.1
ats.io/wp-content/themes/ats-reskin/images/home/states/Arizona.svg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
SVG Scalable Vector Graphics image
Size
658 B (658 bytes)
Hash
14bb27247014771a80e116ab0917d987
ccdd70b00aa2356d705aa428791e87f60e7e73e7
9c481d5429cfc061e6208ac766d97a56b42177e70d401911b5e3146524763c8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ats-reskin/images/home/states/Arizona.svg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 06 May 2024 13:47:54 GMT
ETag: "292-617c950f85b42"
Accept-Ranges: bytes
Content-Length: 658
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/svg+xml

a.omappapi.com/app/js/5.ad5ae419.min.js

194.242.11.186

200 OK

10 kB

URL GET HTTP/2
a.omappapi.com/app/js/5.ad5ae419.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (16730)
Size
10 kB (10179 bytes)
Hash
3f585aa58b9495b3807256e46d072aea
b65631e1fbe4b6a76cbcac88e196bc314eded80c
5fd85023d4b7e68daa580930db825421c34ce8a005748eca44c2396922b2402e

HTTP Headers

GET /app/js/5.ad5ae419.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08f03-418b"
last-modified: Tue, 12 Mar 2024 17:21:07 GMT
cdn-storageserver: SE-583
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d40b2bdf89fda294bf42047e30ac1fce
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

to.getnitropack.com/ux

172.64.150.163

200 OK

20 B

URL POST HTTP/2
to.getnitropack.com/ux
IP
172.64.150.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ats.io/
Certificate
IssuerCloudflare, Inc.
Subjectgetnitropack.com
Fingerprint89:57:01:C8:ED:F6:B9:A1:87:A4:CD:61:26:BC:50:B8:92:DA:D3:03
ValiditySat, 13 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
c23d32bc84330ad96c990858c2eb1235
3e5b07d19cb12ba27e5777030db284a0abe5209e
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4

HTTP Headers

POST /ux HTTP/1.1
Host: to.getnitropack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1714
Origin: https://ats.io
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:53 GMT
content-type: text/plain; charset=utf-8
content-length: 20
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881a31e62eb7b50c-OSL
X-Firefox-Spdy: h2

ats.io/sportsbook-promos/bet365-promo-code/107478/

167.71.81.63

200 OK

8.1 kB

URL GET HTTP/1.1
ats.io/sportsbook-promos/bet365-promo-code/107478/
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
gzip compressed data, from Unix
Size
8.1 kB (8126 bytes)
Hash
8ef004c09131fce324b7645ebf46b3d5
1f553a4112af61821f531b70215accaccc5dbf00
786334e377f2d7a32d64f3740c17c5caf4485454b73e544db09af19f794c8b3a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sportsbook-promos/bet365-promo-code/107478/ HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:57 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
X-Nitro-Cache: HIT
X-Nitro-Cache-From: drop-in
vary: user-agent,Accept-Encoding
x-nitro-rev: df26af2
link: <https://cdn-ddanh.nitrocdn.com>; rel=preconnect, <https://ats.io/wp-json/>; rel="https://api.w.org/", <https://ats.io/wp-json/wp/v2/posts/107478>; rel="alternate"; type="application/json", <https://ats.io/?p=107478>; rel=shortlink
x-cache-ctime: 1715278262
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

to.getnitropack.com/ux

172.64.150.163

200 OK

20 B

URL POST HTTP/2
to.getnitropack.com/ux
IP
172.64.150.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ats.io/
Certificate
IssuerCloudflare, Inc.
Subjectgetnitropack.com
Fingerprint89:57:01:C8:ED:F6:B9:A1:87:A4:CD:61:26:BC:50:B8:92:DA:D3:03
ValiditySat, 13 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
c23d32bc84330ad96c990858c2eb1235
3e5b07d19cb12ba27e5777030db284a0abe5209e
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4

HTTP Headers

POST /ux HTTP/1.1
Host: to.getnitropack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1630
Origin: https://ats.io
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 13:15:03 GMT
content-type: text/plain; charset=utf-8
content-length: 20
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881a3224991eb50c-OSL
X-Firefox-Spdy: h2

a.omappapi.com/app/js/32.b9065693.min.js

194.242.11.186

200 OK

11 kB

URL GET HTTP/2
a.omappapi.com/app/js/32.b9065693.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type

Size
11 kB (11329 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/js/32.b9065693.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65088832-2c41"
last-modified: Mon, 18 Sep 2023 17:26:10 GMT
cdn-storageserver: SE-583
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3c04db1e3d71c02af1b66ce0bc750358
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/11.f24aae20.min.js

194.242.11.186

200 OK

2.6 kB

URL GET HTTP/2
a.omappapi.com/app/js/11.f24aae20.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (2717), with no line terminators
Size
2.6 kB (2624 bytes)
Hash
8efaddca43a361b2064be10f8dfe366c
5b1b91b529e1af4308fa41516ab68af2a06a4374
0f1093577234fd2ebadca5469bda48137712b56d37aae2d5c9d38e2f67e0e8f8

HTTP Headers

GET /app/js/11.f24aae20.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08abf-a40"
last-modified: Tue, 12 Mar 2024 17:02:55 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8553feb1db982378d618134110efb228
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/19.b4e5b44b.min.js

194.242.11.186

200 OK

4.3 kB

URL GET HTTP/2
a.omappapi.com/app/js/19.b4e5b44b.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (4362), with no line terminators
Size
4.3 kB (4272 bytes)
Hash
931683ac4ae3c3e7a749d2c16fed8669
60e6a816bc83d614cd658831ca508398e7b78539
631900ae8835dfc3e3e1b14f9ec8038ccc68d98697bcc2dbd671d60efcf77279

HTTP Headers

GET /app/js/19.b4e5b44b.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08aac-10b0"
last-modified: Tue, 12 Mar 2024 17:02:36 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5be39eaa9c521a55c471dbab68b4a30d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/1.b1faf420.min.js

194.242.11.186

200 OK

11 kB

URL GET HTTP/2
a.omappapi.com/app/js/1.b1faf420.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (11094)
Size
11 kB (11143 bytes)
Hash
1cb7e2d19c93b8b8fe259e58c02647f8
d13574d19e437e6029d00e5555f5f7ec10e93f46
8bea43a9ea37aa3cb1e00bdb138fb4d55b2f3b469914a3e6920b77d1eb114954

HTTP Headers

GET /app/js/1.b1faf420.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6620879a-2b87"
last-modified: Thu, 18 Apr 2024 02:38:18 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 385
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ea04c3d1e337b3dddec6736ba5d5a2fe
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/api.min.css

194.242.11.186

200 OK

9.8 kB

URL GET HTTP/2
a.omappapi.com/app/js/api.min.css
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
ASCII text, with very long lines (9802), with no line terminators
Size
9.8 kB (9796 bytes)
Hash
0860b4e110eb4822f875676289eab4e4
fb666dcffa9edf836120af4545166be86121b20c
33514e7c1452c8b71049e611f198de6e284e79405a585face7932a41946f7448

HTTP Headers

GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: text/css
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"662183d2-2644"
last-modified: Thu, 18 Apr 2024 20:34:26 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:21
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 47132f49ceb9bc964b23ecf713e6a02c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ats.io/sportsbook-promos/caesars-sportsbook-risk-free-bet/96024/

167.71.81.63

200 OK

32 kB

URL GET HTTP/1.1
ats.io/sportsbook-promos/caesars-sportsbook-risk-free-bet/96024/
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
HTML document, ASCII text, with very long lines (32301), with no line terminators
Size
32 kB (32301 bytes)
Hash
970f5532c2aa7d82f1967c3388317889
4f18e808bdac9e6ca26b8e04cef5c5b5adf60e90
9b35a35312aa9e8201052c42eacc8805fc3e6e1c748fe443797aa230827b13a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sportsbook-promos/caesars-sportsbook-risk-free-bet/96024/ HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:58 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache
X-Nitro-Cache: HIT
X-Nitro-Cache-From: drop-in
vary: user-agent,Accept-Encoding
x-nitro-rev: df26af2
link: <https://cdn-ddanh.nitrocdn.com>; rel=preconnect, <https://ats.io/wp-json/>; rel="https://api.w.org/", <https://ats.io/wp-json/wp/v2/posts/96024>; rel="alternate"; type="application/json", <https://ats.io/?p=96024>; rel=shortlink
x-cache-ctime: 1715302484
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

a.omappapi.com/app/js/api.min.js

194.242.11.186

200 OK

52 kB

URL GET HTTP/2
a.omappapi.com/app/js/api.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (52320), with no line terminators
Size
52 kB (52320 bytes)
Hash
346c4463d12bd2609a4bdc9618431927
491755fcfa8b0692945c325585a2a86c11eca97c
99142e3048ff980fa6ac618f8f99305efdf4bd1afa17aa842ae535a59716936d

HTTP Headers

GET /app/js/api.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6620879b-cc60"
last-modified: Thu, 18 Apr 2024 02:38:19 GMT
cdn-storageserver: SE-583
cdn-requestpullsuccess: True
cdn-fileserver: 385
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aba1904989a293f2d1121e77280253a4
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

api.omappapi.com/v2/embed/292963?d=ats.io

172.66.41.8

200 OK

41 kB

URL GET HTTP/2
api.omappapi.com/v2/embed/292963?d=ats.io
IP
172.66.41.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subjectomappapi.com
Fingerprint73:15:DD:61:58:FC:DE:E1:9B:67:96:79:4F:81:BE:43:86:B1:15:1A
ValidityThu, 18 Apr 2024 16:45:24 GMT - Wed, 17 Jul 2024 16:45:23 GMT

File type
JSON text data
Size
41 kB (40552 bytes)
Hash
d952921ae0a85b7e631f94268e5b897f
7a2e8b03a5a34727386684353d3003dabba8dc49
0828fe04776ae3829234b7f5ca35654bc49c582ef5638654d35f3f028481a04e

HTTP Headers

GET /v2/embed/292963?d=ats.io HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ats.io
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Fri, 10 May 2024 13:14:45 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Wed, 24 Apr 2024 13:39:08 GMT
etag: W/"61a72399b9b977032681767dcc39148c"
x-optinmonster-account: 311119
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sl5Oj8THIPYgjE1l_1TkogJH4sDbtWgOQdeLkfW4Vn4BWZGOKjlkAQ==
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881a31b30a06b4fd-OSL
X-Firefox-Spdy: h2

a.omappapi.com/app/js/28.b1a68bf1.min.js

194.242.11.186

200 OK

3.5 kB

URL GET HTTP/2
a.omappapi.com/app/js/28.b1a68bf1.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (3637), with no line terminators
Size
3.5 kB (3451 bytes)
Hash
46fdc1e2eac7f23705e84ebfafeff223
1fc7868ac808306e4cbf0f908bb713a099ce323c
ddc5cb8f8de79936ebd259f4de91280a7d7af7fe8a3390dc575ae596e60ac3fb

HTTP Headers

GET /app/js/28.b1a68bf1.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08c8b-d7b"
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 503ec6a3dca956a376b65696cff1dc78
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/20.41293cba.min.js

194.242.11.186

200 OK

4.2 kB

URL GET HTTP/2
a.omappapi.com/app/js/20.41293cba.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (4315), with no line terminators
Size
4.2 kB (4194 bytes)
Hash
83e5dc53b807336f13f63acdbcb1e7f5
5df9ff792fa0b8f5f15f1f108e69555eb0210936
b0232122a2e2425b9cd09dd55053feade0275ea0c563b2f670adb7badba9b55f

HTTP Headers

GET /app/js/20.41293cba.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08aac-1062"
last-modified: Tue, 12 Mar 2024 17:02:36 GMT
cdn-storageserver: SE-583
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6c2823630b8b849d94b80c8408526551
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

nitroscripts.com/NBqRUzkcDFZyLbulDYSKKJaCHobbQKNs

172.64.154.248

200 OK

44 kB

URL GET HTTP/2
nitroscripts.com/NBqRUzkcDFZyLbulDYSKKJaCHobbQKNs
IP
172.64.154.248:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subjectnitroscripts.com
Fingerprint51:9F:F4:40:37:31:96:96:73:25:5B:92:D5:ED:F9:5C:03:F1:23:0E
ValidityWed, 01 May 2024 17:28:46 GMT - Tue, 30 Jul 2024 17:28:45 GMT

File type
JavaScript source, ASCII text, with very long lines (44290)
Size
44 kB (44291 bytes)
Hash
f504e649c9f3753d1bb836f9c907a429
5b5015e889e51dd36d26ce6b50f327132cb8b9e0
e63afec0e14a703312f354e5e69169d2429184578d95dc625eca46adccfd72d9

HTTP Headers

GET /NBqRUzkcDFZyLbulDYSKKJaCHobbQKNs HTTP/1.1
Host: nitroscripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:45 GMT
content-type: text/javascript
cache-control: max-age=600, stale-while-revalidate=31536000
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 10 May 2024 13:14:36 GMT
cf-cache-status: HIT
vary: Accept-Encoding
access-control-expose-headers: X-Request-Timestamp
x-request-timestamp: 1715346885
server: cloudflare
cf-ray: 881a31af9e5356b5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

api.omappapi.com/v3/geolocate/json

172.66.41.8

200 OK

449 B

URL GET HTTP/2
api.omappapi.com/v3/geolocate/json
IP
172.66.41.8:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ats.io/
Certificate
IssuerGoogle Trust Services LLC
Subjectomappapi.com
Fingerprint73:15:DD:61:58:FC:DE:E1:9B:67:96:79:4F:81:BE:43:86:B1:15:1A
ValidityThu, 18 Apr 2024 16:45:24 GMT - Wed, 17 Jul 2024 16:45:23 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (507), with no line terminators
Size
449 B (449 bytes)
Hash
9ba65aa19cc2d37807bcad6e096c0789
41a36bf5cda85a263e6d2c302069e5cedf772f89
271f73b829ca7cb43718daa4ec9a1fd573777ccd59e7adb5706aad269e84ba13

HTTP Headers

GET /v3/geolocate/json HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ats.io
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/json
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1715346946
x-user-agent: standard--
x-cache-config: 0 0
x-cache-status: BYPASS
x-pagely-debug: mainblock
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AWuyQMR2F5BdbEMq9V8HzzA7AolTxJ5KrvEyXj_ma48Dqd5GZ_UD4Q==
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881a31b53dd5b4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

a.omappapi.com/app/js/0.3271ac0a.min.js

194.242.11.186

200 OK

7.5 kB

URL GET HTTP/2
a.omappapi.com/app/js/0.3271ac0a.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (7700), with no line terminators
Size
7.5 kB (7497 bytes)
Hash
b65657b7d8a7e7d96b2574e9ec27c039
b672e957380cc55099174ccab293a4f7d461862d
b280311bc361ce236aff666ee1da509b166845a49a3b46c059c01427855e5378

HTTP Headers

GET /app/js/0.3271ac0a.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08c8b-1d49"
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
cdn-storageserver: SE-583
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1e29db0e19a23b7752d8804bea859609
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/27.b5b10bd4.min.js

194.242.11.186

200 OK

6.5 kB

URL GET HTTP/2
a.omappapi.com/app/js/27.b5b10bd4.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (6764), with no line terminators
Size
6.5 kB (6545 bytes)
Hash
5ca515d493a62516b9a42dfa43f7b731
44cf5d16dedc20f8385637e500ccc79842f7caeb
012422b22a5b3b11eae70d96df19b38f58a8e2f9004c60e290979f8c940c1a1c

HTTP Headers

GET /app/js/27.b5b10bd4.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6621f137-1991"
last-modified: Fri, 19 Apr 2024 04:21:11 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 584
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 86bd0bbeb33cad8a2fc06492d91dacf8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/10.d6ea746c.min.js

194.242.11.186

200 OK

34 kB

URL GET HTTP/2
a.omappapi.com/app/js/10.d6ea746c.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type

Size
34 kB (34069 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/js/10.d6ea746c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08c8c-8515"
last-modified: Tue, 12 Mar 2024 17:10:36 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 86b034eff3a00c946bf71d439da31e83
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/26.ece538f7.min.js

194.242.11.186

200 OK

1.7 kB

URL GET HTTP/2
a.omappapi.com/app/js/26.ece538f7.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (1759), with no line terminators
Size
1.7 kB (1718 bytes)
Hash
bcf4550d355dd645c86a5e57aefddb50
945066708f6efa246c7f83d07144754c3d52e18c
4ecf972065b2b9958b1a2c77472a932646f09843d89865b2e4490bac4b41971a

HTTP Headers

GET /app/js/26.ece538f7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08c8b-6b6"
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9ec806dcc82a9f2f59d32b0094800071
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

a.omappapi.com/app/js/9.09463684.min.js

194.242.11.186

200 OK

2.2 kB

URL GET HTTP/2
a.omappapi.com/app/js/9.09463684.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (2267), with no line terminators
Size
2.2 kB (2169 bytes)
Hash
ceba1b89987508625b59a8e6916d81f5
e5b121a3bd5431df3c2c89294bc7ba790a314e5b
ec9f329299343bc038c6efd95f9a0ad6f084a24b7ae4c7450e82fb92bb45d20f

HTTP Headers

GET /app/js/9.09463684.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08c8b-879"
last-modified: Tue, 12 Mar 2024 17:10:35 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a0b01e47b451da60d4ce10bd871b56c9
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ats.io/wp-content/uploads/2023/07/High-5-Casino-App-570x198.jpg

167.71.81.63

200 OK

35 kB

URL GET HTTP/1.1
ats.io/wp-content/uploads/2023/07/High-5-Casino-App-570x198.jpg
IP
167.71.81.63:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjectats.io
FingerprintBD:78:ED:60:80:57:8F:EE:53:A3:62:35:09:9E:7B:FA:BE:47:64:8D
ValidityWed, 01 May 2024 00:11:00 GMT - Tue, 30 Jul 2024 00:10:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 570x198, Scaling: [none]x[none], YUV color, decoders should clamp
Size
35 kB (34890 bytes)
Hash
0764072806f884a255d36cb2872a936a
761c81c4612555d3f55dbaafd2dc793d8a4c2585
e857231a081e0415bd8aeb6a6e20f5c44e92f0b059d99555d026251d566cdb56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/07/High-5-Casino-App-570x198.jpg HTTP/1.1
Host: ats.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Cookie: PHPSESSID=737fh8sfip3fnts4c56v1hm77a; nitroCachedPage=0; _ga_K0VX0N7KWX=GS1.1.1715346885.1.0.1715346885.60.0.0; _ga=GA1.1.634407881.1715346885; _omappvp=143EScq8pw7GpHdQFBLhAH63gVhE5yV4c8jWzgCc3mt6lTXJwjLIVpGJOfisblmJt5ACmPF2QimAczTkyushwStGqEFAP1sC; _omappvs=1715346885565
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 13:14:47 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept
Last-Modified: Tue, 11 Jul 2023 13:28:00 GMT
ETag: "884a-60036115ff800"
Accept-Ranges: bytes
Content-Length: 34890
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/webp

a.omappapi.com/app/js/21.40afa0f2.min.js

194.242.11.186

200 OK

2.1 kB

URL GET HTTP/2
a.omappapi.com/app/js/21.40afa0f2.min.js
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://ats.io/
Certificate
IssuerLet's Encrypt
Subjecta.omappapi.com
FingerprintFF:39:2A:B3:5F:60:19:2C:80:46:80:C3:D0:EA:C4:F9:E6:CD:5B:E0
ValidityFri, 29 Mar 2024 17:14:58 GMT - Thu, 27 Jun 2024 17:14:57 GMT

File type
JavaScript source, ASCII text, with very long lines (2148), with no line terminators
Size
2.1 kB (2079 bytes)
Hash
b8542568b2996f577ffcbec8bb04671d
c3cd1b2eb86265f1db02f81e3983733c13c9ee98
2abc9cc79123e968eef5d23dee94e6007fa3a3eae0edda46b802dde0a68f076c

HTTP Headers

GET /app/js/21.40afa0f2.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ats.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 13:14:46 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"65f08aac-81f"
last-modified: Tue, 12 Mar 2024 17:02:36 GMT
cdn-storageserver: SE-582
cdn-requestpullsuccess: True
cdn-fileserver: 585
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 05/09/2024 17:28:22
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4a0eabc4ef4ca032079cb6b7b62fab34
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML