Report - seecesrsve.onmypc.net/login.php

Report Overview

Visited public
2025-03-09 22:39:42
Tags
dyndns
URL
seecesrsve.onmypc.net/login.php
Finishing URL
www.allbiseed.com/login.php
IP / ASN
144.208.124.215
#395092 SHOCK-1
Title
البسيط دوت كوم
Suspicious - DynDNS domain

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.no	25607	2001-02-26	2012-06-26	2025-03-05	2.4 kB	1.7 kB	142.250.74.131
www.allbiseed.com	unknown	2024-09-16	2024-10-13	2024-10-13	8.1 kB	312 kB	144.208.124.215
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-03-05	2.1 kB	1.4 MB	142.250.74.72
www.seecesrsve.onmypc.net	unknown	2012-07-12	2023-02-21	2023-03-01	1.0 kB	7.6 kB	144.208.124.215
seecesrsve.onmypc.net	unknown	2012-07-12	2019-02-19	2023-03-26	914 B	247 B	144.208.124.215
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2025-03-05	2.9 kB	2.6 kB	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	www.allbiseed.com/qa-content/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-04-24
Pretty URL www.allbiseed.com/qa-content/jquery-3.3.1.min.js IP 144.208.124.215 ASN #395092 SHOCK-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-24 12:39 Times Seen1796 Hash 378087a64e1394fc51f300bb9c11878c 0c3192b500a4fd550e483cf77a49806a5872185b 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de Loading...

	www.allbiseed.com/sandbox%20eval%20code		147 B	2023-04-11	2025-04-26
Pretty URL www.allbiseed.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-26 00:22 Times Seen337985 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-QH2N770GXP&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837	ScriptElement	397 kB	2025-03-09	2025-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-QH2N770GXP&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 22:39 Last Seen2025-03-09 22:39 Times Seen1 Hash cefe238970edcfe9f932f2646c4887e7 b9f31eac7b512401f4ba25276d57e10de0969a28 5e4beb1f24b9ea19ae6361ee79c2c10c02156c9f49bb336ef17c60acf59c9dc2 Loading...

	about:certerror?e=nssBadCert&u=https%3A//www.seecesrsve.onmypc.net/login.php&c=UTF-8&d=%20	ScriptElement	111 B	2025-03-02	2025-04-26
Pretty URL about:certerror?e=nssBadCert&u=https%3A//www.seecesrsve.onmypc.net/login.php&c=UTF-8&d=%20 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-02 08:59 Last Seen2025-04-26 00:22 Times Seen21893 Hash 1fc778fb81973516c7df9ee7caca05e6 7953945d192422cc2b1d8610d1b0fa1469bb5b7f a09c624476cbe1462a188d07d0ce0a20e258a5e9b7890f44b3c8b68a0a3b26eb Loading...

	www.allbiseed.com/login.php	ScriptElement	155 B	2025-03-09	2025-03-09
Pretty URL www.allbiseed.com/login.php IP 144.208.124.215 ASN #395092 SHOCK-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-09 22:39 Last Seen2025-03-09 22:39 Times Seen2 Hash 8fcd45651e3fc2754147c54b073e7af9 84464750f85905af403dd7c6b995099912ae37ca 1ad9007f447edf7c4bb337e2ca02cfc5344ec6a360793b726108e4f710eea457 Loading...

	www.allbiseed.com/qa-content/qa-global.js?1.8.3	ScriptElement	21 kB	2023-03-07	2025-03-09
Pretty URL www.allbiseed.com/qa-content/qa-global.js?1.8.3 IP 144.208.124.215 ASN #395092 SHOCK-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16 Last Seen2025-03-09 22:39 Times Seen19 Hash b6f852cae19679734f83fe8bee19b07b 47792047a18e574b36b001c98d48eb314cc396e8 b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3 Loading...

	www.allbiseed.com/qa-theme/SnowFlat/js/snow-core.js?1.8.3	ScriptElement	2.4 kB	2023-03-07	2025-03-09
Pretty URL www.allbiseed.com/qa-theme/SnowFlat/js/snow-core.js?1.8.3 IP 144.208.124.215 ASN #395092 SHOCK-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16 Last Seen2025-03-09 22:39 Times Seen17 Hash ac6f25c1056ff56c67d11c7edc4843a0 6ec45dee7a7e62c088267f7e63b30fe1f8837d5d 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa Loading...

	www.googletagmanager.com/gtag/js?id=UA-136468182-1	ScriptElement	256 kB	2025-03-09	2025-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-136468182-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 22:39 Last Seen2025-03-09 22:39 Times Seen1 Hash 02cf93548617cab96735b1753615a0a7 47922bfafefa2ba26dcbc74c6d4b65bdb228a8ce b6f44abec761423baca8a7de07fe18853e442a5efba564d18da6a8e848a038ab Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-26 00:22 Times Seen337190 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-V4FESH8Y86&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837	ScriptElement	315 kB	2025-03-09	2025-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-V4FESH8Y86&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 22:39 Last Seen2025-03-09 22:39 Times Seen1 Hash d227a3e7a9f9789f755b9ef0b906777c 4a710cb8af2aee7a5f908d9d156c53c4be771e32 bb25da849be2db474fd93d18f62d70fc82b5548ae3632bbb618fad9637553a57 Loading...

	www.googletagmanager.com/gtag/js?id=G-R7RE6Z97GH&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837	ScriptElement	398 kB	2025-03-09	2025-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-R7RE6Z97GH&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-09 22:39 Last Seen2025-03-09 22:39 Times Seen1 Hash 16a18ed13868443ba36fd5a0421876e1 1f9b56ed9470f5b97e2cfa4812db70b489ea5b30 5d996dca52528dfec8510fb4f5fdbe95ca51154ebff215bb486b94de1c9fdedd Loading...

	www.allbiseed.com/login.php	ScriptElement	52 B	2025-03-09	2025-03-09
Pretty URL www.allbiseed.com/login.php IP 144.208.124.215 ASN #395092 SHOCK-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-09 22:39 Last Seen2025-03-09 22:39 Times Seen1 Hash 99d9607f43f3c1b4108229779e827c43 b99a2e0f8fb4371e0c02d8696aef081053907adc fd3288262d05426e2bb83ca90585267530c6a47768ee14db4d593228fa31be40 Loading...

	www.allbiseed.com/login.php	ScriptElement	121 B	2023-03-07	2025-03-09
Pretty URL www.allbiseed.com/login.php IP 144.208.124.215 ASN #395092 SHOCK-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:30 Last Seen2025-03-09 22:39 Times Seen19 Hash b8bd4fac761e19c783a8c68d5d212e0f b506f020e5ad73523b3633bb01946d90cde1a786 f293815ada08c34617a85d148783cad5f75517ac591c685005022b4aa7745052 Loading...

HTTP Transactions (28)

URL IP Response Size

region1.analytics.google.com/g/collect?v=2&tid=G-V4FESH8Y86&gtm=45je5362v9138363725za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3984

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-V4FESH8Y86&gtm=45je5362v9138363725za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3984
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-V4FESH8Y86&gtm=45je5362v9138363725za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3984 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.allbiseed.com/
Origin: https://www.allbiseed.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.allbiseed.com
date: Sun, 09 Mar 2025 22:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R7RE6Z97GH&cid=632352630.1741559967&gtm=45je5362v9136452912za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=351067713

142.250.74.131

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R7RE6Z97GH&cid=632352630.1741559967&gtm=45je5362v9136452912za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=351067713
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C
ValidityWed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R7RE6Z97GH&cid=632352630.1741559967&gtm=45je5362v9136452912za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=351067713 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 09 Mar 2025 22:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.allbiseed.com/login.php

144.208.124.215

404 Not Found

7.2 kB

URL User Request GET
www.allbiseed.com/login.php
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7345), with no line terminators
Size
7.2 kB (7205 bytes)
Hash
1f603240707f538a2c8f81593d738f85
fc1eedb88e1209c4ef8e60f852b4bedb32a92365
8f9dff5980a66457719b35649dbb2e40a2be247725af85546e71bdfaf5032511

HTTP Headers

GET /login.php HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; path=/; secure
qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09; expires=Tue, 11-Mar-2025 22:39:25 GMT; Max-Age=172800; path=/; HttpOnly; secure
content-type: text/html; charset=utf-8
content-length: 2241
content-encoding: br
vary: Accept-Encoding
date: Sun, 09 Mar 2025 22:39:25 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/qa-styles.css?1.8.3

144.208.124.215

200 OK

72 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
ASCII text, with CRLF line terminators
Size
72 kB (72433 bytes)
Hash
90bb96f9ad2264e31fe14a5fb845efc1
20ea1e4c0327fd277ddee24c54f56f22302c0900
f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830

HTTP Headers

GET /qa-theme/SnowFlat/qa-styles.css?1.8.3 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 12 Jan 2019 20:22:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11478
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2

144.208.124.215

200 OK

25 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24808, version 1.0
Size
25 kB (24808 bytes)
Hash
5d7f3d1466e3a11a8b8efc09ff61cf2e
f5a1612b04cc49ebad65192db33a7cc498ef2409
1f1c7364ef5f163cddba63301931db5e1eff87ecc1cd2e9704c10c6f92417b54

HTTP Headers

GET /qa-theme/SnowFlat/fonts/ubuntu-italic.woff2 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff2
last-modified: Sat, 12 Jan 2019 20:15:15 GMT
accept-ranges: bytes
content-length: 24808
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-V4FESH8Y86&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837

142.250.74.72

200 OK

315 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-V4FESH8Y86&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
315 kB (314559 bytes)
Hash
d227a3e7a9f9789f755b9ef0b906777c
4a710cb8af2aee7a5f908d9d156c53c4be771e32
bb25da849be2db474fd93d18f62d70fc82b5548ae3632bbb618fad9637553a57

HTTP Headers

GET /gtag/js?id=G-V4FESH8Y86&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 09 Mar 2025 22:39:26 GMT
expires: Sun, 09 Mar 2025 22:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 109807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2

144.208.124.215

200 OK

22 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22388, version 1.0
Size
22 kB (22388 bytes)
Hash
15b31ac9865cf59ee66305ceae84eeca
a7dc7a8504e47449000ea52f24ec10b34526b60c
02e4551debbf743ff34d013ba7b0a5440fa88958b9c406105a55612721cba16c

HTTP Headers

GET /qa-theme/SnowFlat/fonts/ubuntu-regular.woff2 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff2
last-modified: Sat, 12 Jan 2019 20:15:15 GMT
accept-ranges: bytes
content-length: 22388
date: Sun, 09 Mar 2025 22:39:27 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V4FESH8Y86&cid=632352630.1741559967&gtm=45je5362v9138363725za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=732773944

142.250.74.131

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V4FESH8Y86&cid=632352630.1741559967&gtm=45je5362v9138363725za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=732773944
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C
ValidityWed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V4FESH8Y86&cid=632352630.1741559967&gtm=45je5362v9138363725za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=732773944 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 09 Mar 2025 22:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.seecesrsve.onmypc.net/login.php

144.208.124.215

301 Moved Permanently

7.2 kB

URL User Request GET
www.seecesrsve.onmypc.net/login.php
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type

Size
7.2 kB (7205 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /login.php HTTP/1.1
Host: www.seecesrsve.onmypc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 795
date: Sun, 09 Mar 2025 22:39:24 GMT
server: LiteSpeed
location: https://www.allbiseed.com/login.php
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/js/snow-core.js?1.8.3

144.208.124.215

200 OK

2.4 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/js/snow-core.js?1.8.3
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
JavaScript source, ASCII text, with very long lines (2646), with no line terminators
Size
2.4 kB (2383 bytes)
Hash
505e0402af8a4cc3d4c33cefd5f33c02
787353175c3798624e0ec50e7a925c4c3f850a4e
cb7527c702cfc2d0974c9f8a8258ab57f07e4d69b5aec2571a50d068ff69621f

HTTP Headers

GET /qa-theme/SnowFlat/js/snow-core.js?1.8.3 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 12 Jan 2019 20:22:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 885
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067

144.208.124.215

200 OK

7.2 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
Web Open Font Format, TrueType, length 7200, version 1.0
Size
7.2 kB (7200 bytes)
Hash
032102e77ed40c63761279956b30f59f
b40bfc143f60a96b35a760a73f18dd3934eebc08
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

HTTP Headers

GET /qa-theme/SnowFlat/fonts/fontello.woff?70015067 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff
last-modified: Mon, 25 Jul 2016 20:01:58 GMT
accept-ranges: bytes
content-length: 7200
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-R7RE6Z97GH&gtm=45je5362v9136452912za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_ss=1&tfd=4108

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-R7RE6Z97GH&gtm=45je5362v9136452912za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_ss=1&tfd=4108
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-R7RE6Z97GH&gtm=45je5362v9136452912za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102308675~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_ss=1&tfd=4108 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.allbiseed.com/
Origin: https://www.allbiseed.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.allbiseed.com
date: Sun, 09 Mar 2025 22:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

seecesrsve.onmypc.net/login.php

144.208.124.215

301 Moved Permanently

0 B

URL User Request GET
seecesrsve.onmypc.net/login.php
IP
144.208.124.215:80
ASN
#395092 SHOCK-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /login.php HTTP/1.1
Host: seecesrsve.onmypc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 795
date: Sun, 09 Mar 2025 22:39:22 GMT
server: LiteSpeed
location: https://www.seecesrsve.onmypc.net/login.php

www.allbiseed.com/qa-theme/SnowFlat/images/search-icon-white.png

144.208.124.215

200 OK

1.4 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/images/search-icon-white.png
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
PNG image data, 36 x 36, 8-bit/color RGBA, interlaced
Size
1.4 kB (1412 bytes)
Hash
d7bb9c767a3d489bb312bf0edec2bd62
74d64044c075c6f1055b87bfbadb6311e5d702b7
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

HTTP Headers

GET /qa-theme/SnowFlat/images/search-icon-white.png HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
last-modified: Sat, 12 Jan 2019 20:15:15 GMT
accept-ranges: bytes
content-length: 1412
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2

144.208.124.215

200 OK

25 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-italic.woff2
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24808, version 1.0
Size
25 kB (24808 bytes)
Hash
5d7f3d1466e3a11a8b8efc09ff61cf2e
f5a1612b04cc49ebad65192db33a7cc498ef2409
1f1c7364ef5f163cddba63301931db5e1eff87ecc1cd2e9704c10c6f92417b54

HTTP Headers

GET /qa-theme/SnowFlat/fonts/ubuntu-italic.woff2 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff2
last-modified: Sat, 12 Jan 2019 20:15:15 GMT
accept-ranges: bytes
content-length: 24808
date: Sun, 09 Mar 2025 22:39:27 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.seecesrsve.onmypc.net/login.php

0.0.0.0

0 B

URL User Request GET
www.seecesrsve.onmypc.net/login.php
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /login.php HTTP/1.1
Host: www.seecesrsve.onmypc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.allbiseed.com/qa-content/jquery-3.3.1.min.js

144.208.124.215

200 OK

87 kB

URL GET
www.allbiseed.com/qa-content/jquery-3.3.1.min.js
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
JavaScript source, ASCII text, with very long lines (65450), with CRLF line terminators
Size
87 kB (86929 bytes)
Hash
378087a64e1394fc51f300bb9c11878c
0c3192b500a4fd550e483cf77a49806a5872185b
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

HTTP Headers

GET /qa-content/jquery-3.3.1.min.js HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 12 Jan 2019 20:22:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29665
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

seecesrsve.onmypc.net/login.php

0.0.0.0

0 B

URL User Request GET
seecesrsve.onmypc.net/login.php
IP
0.0.0.0:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

GET /login.php HTTP/1.1
Host: seecesrsve.onmypc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.allbiseed.com/qa-theme/SnowFlat/qa-styles-rtl.css?1.8.3

144.208.124.215

200 OK

7.5 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/qa-styles-rtl.css?1.8.3
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
ASCII text, with very long lines (8711), with no line terminators
Size
7.5 kB (7514 bytes)
Hash
b64630a4344b83b91b69e0abfa5d8b1a
201145511a43f726e14974aa85c5ff6858e1b539
c9ba9485af1b7ed2be622c7099d33e07a06d275d9a392b47fc92b3ae30cf391c

HTTP Headers

GET /qa-theme/SnowFlat/qa-styles-rtl.css?1.8.3 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 12 Jan 2019 20:22:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1556
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.allbiseed.com/qa-content/qa-global.js?1.8.3

144.208.124.215

200 OK

21 kB

URL GET
www.allbiseed.com/qa-content/qa-global.js?1.8.3
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
21 kB (20550 bytes)
Hash
b6f852cae19679734f83fe8bee19b07b
47792047a18e574b36b001c98d48eb314cc396e8
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

HTTP Headers

GET /qa-content/qa-global.js?1.8.3 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 12 Jan 2019 20:22:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4765
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-QH2N770GXP&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837

142.250.74.72

200 OK

397 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-QH2N770GXP&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (17272)
Size
397 kB (396981 bytes)
Hash
cefe238970edcfe9f932f2646c4887e7
b9f31eac7b512401f4ba25276d57e10de0969a28
5e4beb1f24b9ea19ae6361ee79c2c10c02156c9f49bb336ef17c60acf59c9dc2

HTTP Headers

GET /gtag/js?id=G-QH2N770GXP&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 09 Mar 2025 22:39:26 GMT
expires: Sun, 09 Mar 2025 22:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 132346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-QH2N770GXP&gtm=45je5362v9138364115za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_ss=1&tfd=4194

216.239.34.36

204 No Content

0 B

URL POST
region1.analytics.google.com/g/collect?v=2&tid=G-QH2N770GXP&gtm=45je5362v9138364115za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_ss=1&tfd=4194
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-QH2N770GXP&gtm=45je5362v9138364115za200&_p=1741559966357&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&cid=632352630.1741559967&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1741559967&sct=1&seg=0&dl=https%3A%2F%2Fwww.allbiseed.com%2Flogin.php&dt=%D8%A7%D9%84%D8%A8%D8%B3%D9%8A%D8%B7%20%D8%AF%D9%88%D8%AA%20%D9%83%D9%88%D9%85&en=page_view&_fv=1&_ss=1&tfd=4194 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.allbiseed.com/
Origin: https://www.allbiseed.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.allbiseed.com
date: Sun, 09 Mar 2025 22:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:136:0
report-to: {"group":"ascnsrsggc:136:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH2N770GXP&cid=632352630.1741559967&gtm=45je5362v9138364115za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=627232413

142.250.74.131

200 OK

42 B

URL GET
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH2N770GXP&cid=632352630.1741559967&gtm=45je5362v9138364115za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=627232413
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google.no
Fingerprint26:B7:26:CB:C6:A9:06:E9:C0:85:18:1A:20:54:87:E3:8B:35:EC:7C
ValidityWed, 26 Feb 2025 15:35:45 GMT - Wed, 21 May 2025 15:35:44 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QH2N770GXP&cid=632352630.1741559967&gtm=45je5362v9138364115za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837&z=627232413 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 09 Mar 2025 22:39:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-R7RE6Z97GH&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837

142.250.74.72

200 OK

398 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-R7RE6Z97GH&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (17272)
Size
398 kB (398525 bytes)
Hash
16a18ed13868443ba36fd5a0421876e1
1f9b56ed9470f5b97e2cfa4812db70b489ea5b30
5d996dca52528dfec8510fb4f5fdbe95ca51154ebff215bb486b94de1c9fdedd

HTTP Headers

GET /gtag/js?id=G-R7RE6Z97GH&l=dataLayer&cx=c&gtm=457e5362za200&tag_exp=102067808~102482433~102539968~102587591~102640600~102717422~102788824~102825837 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 09 Mar 2025 22:39:26 GMT
expires: Sun, 09 Mar 2025 22:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 133079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-136468182-1

142.250.74.72

200 OK

256 kB

URL GET
www.googletagmanager.com/gtag/js?id=UA-136468182-1
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5268)
Size
256 kB (256256 bytes)
Hash
02cf93548617cab96735b1753615a0a7
47922bfafefa2ba26dcbc74c6d4b65bdb228a8ce
b6f44abec761423baca8a7de07fe18853e442a5efba564d18da6a8e848a038ab

HTTP Headers

GET /gtag/js?id=UA-136468182-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 09 Mar 2025 22:39:26 GMT
expires: Sun, 09 Mar 2025 22:39:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
server: Google Tag Manager
content-length: 90719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644

144.208.124.215

200 OK

7.8 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
GIF image data, version 89a, 14 x 14
Size
7.8 kB (7781 bytes)
Hash
baa90f5e1a366d64a56c6bdc20463880
a5fc4c07afc4c856ff09a4ed6cee0a26487946a9
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

HTTP Headers

GET /qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/gif
last-modified: Sat, 12 Jan 2019 20:15:15 GMT
accept-ranges: bytes
content-length: 7781
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2

144.208.124.215

200 OK

22 kB

URL GET
www.allbiseed.com/qa-theme/SnowFlat/fonts/ubuntu-regular.woff2
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22388, version 1.0
Size
22 kB (22388 bytes)
Hash
15b31ac9865cf59ee66305ceae84eeca
a7dc7a8504e47449000ea52f24ec10b34526b60c
02e4551debbf743ff34d013ba7b0a5440fa88958b9c406105a55612721cba16c

HTTP Headers

GET /qa-theme/SnowFlat/fonts/ubuntu-regular.woff2 HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/woff2
last-modified: Sat, 12 Jan 2019 20:15:15 GMT
accept-ranges: bytes
content-length: 22388
date: Sun, 09 Mar 2025 22:39:26 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.allbiseed.com/favicon.ico

144.208.124.215

404 Not Found

796 B

URL GET
www.allbiseed.com/favicon.ico
IP
144.208.124.215:443
ASN
#395092 SHOCK-1

Requested by
https://www.allbiseed.com/login.php
Certificate
IssuerLet's Encrypt
Subjectalbsseds.com
Fingerprint94:22:C4:53:A8:81:8A:63:F3:8D:69:C6:86:7B:62:F9:15:B1:4E:58
ValidityMon, 17 Feb 2025 19:14:56 GMT - Sun, 18 May 2025 19:14:55 GMT

File type
HTML document, ASCII text, with very long lines (827), with no line terminators
Size
796 B (796 bytes)
Hash
ba278b4b4bd7abdc1006afafa87c076c
d5e52393da72c10ff4dff4e321f3fb07fad69a00
f8ebaa071d9024e80bb3c48681326ca17bb3b8f88ea2e7872b98b9f3459b73f2

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.allbiseed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.allbiseed.com/login.php
Cookie: PHPSESSID=7793abeae982e81a9abc06949a6cb52b; qa_key=1ve45ge8gy478ufmzjq839dkeqepwm09
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 796
date: Sun, 09 Mar 2025 22:39:27 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML