| datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=ccc19bb5-f64e-4979-b33d-2b337e3304d5 | 139.45.195.253 | 200 OK | 2 B |
URL POST HTTP/1.1datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=ccc19bb5-f64e-4979-b33d-2b337e3304d5 IP139.45.195.253:443
Requested byhttps://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5441428&axcusid1=8&clid={ymid}&r=http://gtoonfd.com/link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 CertificateIssuerSectigo Limited Subjectdatatechone.com FingerprintFD:AA:8A:21:49:9F:48:59:78:C7:B2:00:75:4F:CD:2C:AF:49:2C:37 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853&ruid=ccc19bb5-f64e-4979-b33d-2b337e3304d5 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1519
Origin: https://cdntechone.com
DNT: 1
Connection: keep-alive
Referer: https://cdntechone.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 09 May 2024 13:02:22 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://cdntechone.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
| gtoonfd.com/link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 | 139.45.197.239 | 204 No Content | 0 B |
URL User Request GET HTTP/2gtoonfd.com/link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 IP139.45.197.239:443
CertificateIssuerLet's Encrypt Subjectgtoonfd.com Fingerprint85:B9:D5:4C:37:54:B1:2B:23:9E:AA:1E:A4:5E:20:26:DA:80:B6:89 ValidityFri, 12 Apr 2024 05:10:38 GMT - Thu, 11 Jul 2024 05:10:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 HTTP/1.1
Host: gtoonfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Thu, 09 May 2024 13:02:23 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=04805731bb1245edef5949908aab94ce; expires=Fri, 09 May 2025 13:02:23 GMT
oaidts=1715259743; expires=Fri, 09 May 2025 13:02:23 GMT
allcnt=1; expires=Fri, 09 May 2025 13:02:23 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
|
IP139.45.197.239:0
CertificateIssuerLet's Encrypt Subjectgtoonfd.com Fingerprint85:B9:D5:4C:37:54:B1:2B:23:9E:AA:1E:A4:5E:20:26:DA:80:B6:89 ValidityFri, 12 Apr 2024 05:10:38 GMT - Thu, 11 Jul 2024 05:10:37 GMT
File typeASCII text, with no line terminators Hash7feadfe891c04432562e6d2b4d35f38a fc25b473cdcdf8551d51bed416dd604f3e1d158f e836cf151c055c64b3b2991de7067f3d9e925b51d1050e57ff93a7b88667031f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: gtoonfd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 09 May 2024 13:02:26 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 16
Connection: keep-alive
|
| cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5441428&axcusid1=8&clid={ymid}&r=http://gtoonfd.com/link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 | 188.114.96.1 | 200 OK | 23 kB |
URL User Request GET HTTP/2cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5441428&axcusid1=8&clid={ymid}&r=http://gtoonfd.com/link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeHTML document, ASCII text, with very long lines (18452) Hashbb831dd6d50f6c8b53353103ec9a3703 9d78eba98e3da16601fb5492a7d66030865293e0 785c9ae55eb9710019f4b32060731514e6bf11d2fb96e0c5bc5dec7d2bfc9319
GET /r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5441428&axcusid1=8&clid={ymid}&r=http://gtoonfd.com/link?z=5441428&var=8&acb=proxy-smart-link&axcusid2=&axadvid=0&axcamid=7380 HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 13:02:22 GMT
content-type: text/html
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TasljMVNb7QnVKvlxDNuAD6VBzJKFPYbUSOJq57J3bLYbTJ2P0JqUVzXf1j3HcMyd23pnunjFT%2B8pgw1GTOZbStZTCtDiOHWIYiyKgaoFmTS1K3nvl9S7WEIGT%2FPoD6qyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8811e22c7a7d0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|