Report - wudyxaatie.live/

Report Overview

Submitted URL
wudyxaatie.live/
IP
104.21.21.238
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 19:18:54
Access
public
Website Title
O czym powinien wiedzieć początkujący inwestor na giełdzie?
Final URL
wudyxaatie.live/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
wudyxaatie.live	unknown	unknown	No data	No data	1.9 kB	95 kB	172.67.201.107

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	wudyxaatie.live	Sinkholed
2024-05-09	medium	wudyxaatie.live	Sinkholed
2024-05-09	medium	wudyxaatie.live	Sinkholed
2024-05-09	medium	wudyxaatie.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

wudyxaatie.live/styles/style.css

172.67.201.107

200 OK

572 B

URL GET HTTP/3
wudyxaatie.live/styles/style.css
IP
172.67.201.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wudyxaatie.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectwudyxaatie.live
FingerprintB7:68:1D:ED:C0:80:03:82:FA:D6:45:B2:44:B9:7A:CC:78:F6:F5:62
ValidityWed, 24 Apr 2024 12:36:17 GMT - Tue, 23 Jul 2024 12:36:16 GMT

File type
ASCII text
Size
572 B (572 bytes)
Hash
498a29a95f7d2824fd39195e9aaaecd6
33cb94293b9ebc204c3188a77c7d3cdde797afa8
b3b67ddc0adb6a25017499eaca2d4940acfeaddbb43bdb6bf9b94db608df2dc8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles/style.css HTTP/1.1
Host: wudyxaatie.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wudyxaatie.live/
Cookie: PHPSESSID=8324ea6d3d06773b82dedc8913820867
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:18:25 GMT
content-type: text/css
content-length: 572
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 09 May 2024 19:18:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRexGlSaDciI4U5jQhc3YFvkh%2FmT20RI7KtDvegg%2BmWbDafK5askIo2F3djKjGBz9QWdGz16nacRgVDtSx8sdxiGrJz%2FZ7%2BOS%2Bndl69aqocrbHs92TqG3IKzCazGRlDsYHc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881409091a847128-OSL
alt-svc: h3=":443"; ma=86400

wudyxaatie.live/1.webp

172.67.201.107

200 OK

86 kB

URL GET HTTP/3
wudyxaatie.live/1.webp
IP
172.67.201.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wudyxaatie.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectwudyxaatie.live
FingerprintB7:68:1D:ED:C0:80:03:82:FA:D6:45:B2:44:B9:7A:CC:78:F6:F5:62
ValidityWed, 24 Apr 2024 12:36:17 GMT - Tue, 23 Jul 2024 12:36:16 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 2048x1536, Scaling: [none]x[none], YUV color, decoders should clamp
Size
86 kB (85840 bytes)
Hash
338d9b0ac4aed1253377feb4edb786bf
ce2343203332f2433f4c0921f1f5cb0707211d2d
c5228a0ccfd873d5e3df781ebe952183ceed869770b3f4ac9ad33b6f4bedeeca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1.webp HTTP/1.1
Host: wudyxaatie.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wudyxaatie.live/
Cookie: PHPSESSID=8324ea6d3d06773b82dedc8913820867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 19:18:25 GMT
content-type: image/webp
content-length: 85840
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 09 May 2024 19:18:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwMme%2FxQ50WaAoKVLTinACoQJaV6abwUFQ%2BcblxnQ4zca92qLZi7tJJqySG6AEHEJVbI0TIpNopjBv3QM9ozOzOa2MoiOACHnitJEoXARMH3wK8uo5vEdVJervgRtuOMgng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881409091a8b7128-OSL
alt-svc: h3=":443"; ma=86400

wudyxaatie.live/favicon.ico

172.67.201.107

404 Not Found

146 B

URL GET HTTP/3
wudyxaatie.live/favicon.ico
IP
172.67.201.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wudyxaatie.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectwudyxaatie.live
FingerprintB7:68:1D:ED:C0:80:03:82:FA:D6:45:B2:44:B9:7A:CC:78:F6:F5:62
ValidityWed, 24 Apr 2024 12:36:17 GMT - Tue, 23 Jul 2024 12:36:16 GMT

File type
HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wudyxaatie.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wudyxaatie.live/
Cookie: PHPSESSID=8324ea6d3d06773b82dedc8913820867
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 09 May 2024 19:18:25 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADDi7vad66NFYToN8Ebw9Him3BdlZDoaAAiC73enWziNz3b9mUbSWrkiZOBbXEactmxsN3B6AKT1QOIECUFvc3E%2Fu%2FAob9rJb3B8xmcu08tyroQKCRG%2FomlJizR8K6luDPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8814090a7d1d7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wudyxaatie.live/

172.67.201.107

200 OK

5.9 kB

URL User Request GET HTTP/2
wudyxaatie.live/
IP
172.67.201.107:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectwudyxaatie.live
FingerprintB7:68:1D:ED:C0:80:03:82:FA:D6:45:B2:44:B9:7A:CC:78:F6:F5:62
ValidityWed, 24 Apr 2024 12:36:17 GMT - Tue, 23 Jul 2024 12:36:16 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (5871), with no line terminators
Size
5.9 kB (5910 bytes)
Hash
e06c565587c2e6660a1ba5d8d6a08be7
596639535cd2a907600e1fa3f5d246847b568276
1f52e78ecdaff14948219bc1ac4eaf8186cb2651d5bb4bcea72b0518b60882af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: wudyxaatie.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 19:18:25 GMT
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: PHPSESSID=8324ea6d3d06773b82dedc8913820867; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVfjTNoHL2iP4pnkjqsUjiN3OZcttYTffXs2l6b2mJknWCLwIIh5CtNHp%2B5uWLs4wXcXRyWavDcTwrG%2BAJSo8TDJmFAXfJmw1fawLZQ6hBQ1xJhBKlyqVKEpnTX3JVRRh9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881409061e8b0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers