| GET download-download.store/dL8r8DWs |  45.147.176.33 | 302 Found | 0 B |
URL User Request GET HTTP/1.1download-download.store/dL8r8DWs IP45.147.176.33:443
CertificateIssuerLet's Encrypt Subjectdownload-download.store Fingerprint6C:88:E8:78:89:69:E8:65:F0:BA:9B:E3:0C:AF:E5:F3:8D:C9:6E:1F ValidityMon, 16 Dec 2024 09:03:15 GMT - Sun, 16 Mar 2025 09:03:14 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /dL8r8DWs HTTP/1.1
Host: download-download.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 Jan 2025 06:59:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 Jan 2025 06:59:19 GMT
Location: https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Set-Cookie: _subid=376l60ji0d8co; expires=Sat, 08 Feb 2025 06:59:19 GMT; path=/
cdd1a=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NTlcIjoxNzM2MzE5NTU5fSxcImNhbXBhaWduc1wiOntcIjEzMTFcIjoxNzM2MzE5NTU5fSxcInRpbWVcIjoxNzM2MzE5NTU5fSJ9.W1newk11MC1OaHphELIIL9ZNVCu9IRF5BQoo7SqwyUU; expires=Thu, 09 Jan 2025 06:59:19 GMT; path=/
_token=uuid_376l60ji0d8co_376l60ji0d8co677e2247a0c698.04484653; expires=Sat, 08 Feb 2025 06:59:19 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js |  104.18.0.227 | 200 OK | 6.0 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typegzip compressed data, from Unix Hash5a3987862f225602302e1001637c72cb d01a149e55112bafcb3b61212dd3ecbcfd79997c 31dcf097afb7720083eadf02fc8c18566276ce866fc1cc1b7f5d41544016fb82
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-3c86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3533
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de3bc1e56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/favicon.ico | 104.18.0.227 | 204 No Content | 0 B |
URL GET HTTP/2ipagnamsoodsu.com/favicon.ico IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=80faba02147d45d6908f386b1157b778; syncedCookie=true; oaidts=1736319560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 08 Jan 2025 06:59:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de58d9756b7-OSL
X-Firefox-Spdy: h2
|
|
| POST datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=50ade4f0-ea07-4d78-a94d-35334c420513 |  185.49.145.45 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=50ade4f0-ea07-4d78-a94d-35334c420513 IP185.49.145.45:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerSectigo Limited Subjectdatatechonert.com FingerprintED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72 ValidityWed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=50ade4f0-ea07-4d78-a94d-35334c420513 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1424
Origin: https://ipagnamsoodsu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 08 Jan 2025 06:59:20 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ipagnamsoodsu.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js | 104.18.0.227 | 200 OK | 10 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typegzip compressed data, from Unix Hashf047c60b179e229c39b419230870e93e 08e1f89a9496edee63c7b2e908a6c624e998470c 7071fac095a0390c13b3bb922c300806b0e656c08d2a598e09603ac09a3eb57b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-682f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1056b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js | 104.18.0.227 | 200 OK | 15 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typegzip compressed data, from Unix Hash39c8063f5d1ec389cf90f6b8daac5b63 560ffe7e7c9b2ed3df6f71fddf53339cf1ba11a3 3ddd2d7d9e75ab064c54b47066a50dd22901ee85852aa986fbd14c89418c7702
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-6f9c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b0c56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js | 104.18.0.227 | 200 OK | 14 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typegzip compressed data, from Unix Hash9fba1a27aeadcac378dc8e6ca0400830 fecad3b4bf50865d2fe06fff79d8e871cb37bc4f 98b73ba8295a52553f33e8f708c410f9ce66740c7239e6a6fd40abe0f5c29598
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-36f1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de27b0656b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/css/0bc0cde260d08b97.css | 104.18.0.227 | 200 OK | 11 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/css/0bc0cde260d08b97.css IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typegzip compressed data, from Unix Hash90b3dfaf0128d70a2173c4714728aa7e a0e3b539695bf7117ef1e27498ea5b2419f0bf9e cec5ef3bccc849008ea072e184fae06e75ec829c0bf63a4b3b563b09ad0d97ec
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: text/css
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de27b0156b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js | 104.18.0.227 | 200 OK | 14 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (14480), with no line terminators Hashdd812aef8c4fd0feb65fae71c34394d7 47cbf19bb67e01b50a6e1bbb2de6e72a0d3c635a 824c0ad4f3d9a566a5c43d0073c2c375ec6a5366223cce693cc7b8481a7514a7
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-3890"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b0b56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js | 104.18.0.227 | 200 OK | 44 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (43600), with no line terminators Hash75576c207c94685f082a01c22d9020a1 3b83fb7d8df52e6d7d6ec956738f657ab3db4b69 2ca384c7e458bff915f1a94003361d956e7b0aeffc340df2477f00048bf09f4d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-aa50"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1656b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js | 104.18.0.227 | 200 OK | 160 B |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeASCII text, with no line terminators Hashec987e535717d417e4c20c3f19741a95 36c65d6370d55851e91e9f1ff1a76751a1140fed 409d2de41a27a5c819fc065c000aa9bdcbb56a5f69595a04fb0db8da10802d2c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-a0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de29b2656b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js | 104.18.0.227 | 200 OK | 3.8 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (3857), with no line terminators Hash2179efc23a5f8de650f79461e68df75c 2e0131b91732b8510779d23f24d3a83b13b9819a 9fd8e9a18c6109daa8fee036cdfb3cb5fd780ddd17f50731e16be11412b4a816
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-ec3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3531
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de3bc2256b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP188.114.97.1:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectcdntechone.com FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT
File typeJavaScript source, ASCII text, with very long lines (15840) Hash80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujAGORlfOoBQIh7hJex35YQhO3u%2BihlewargOnd0QTC2lXpcrfs0LzryuotDghaVCOUkaSgB%2B2X%2FkBmFyuuXl9wwUKyUx9PUnILC4tuT0bj15Iw0nKHLuKgtk%2F8%2BYupDIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de43cb1712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2213&min_rtt=470&rtt_var=3423&sent=14&recv=12&lost=0&retrans=0&sent_bytes=11618&recv_bytes=1237&delivery_rate=6304789&cwnd=253&unsent_bytes=0&cid=67ee68615c7c3b7c&ts=53&x=0"
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co | 104.18.0.227 | 200 OK | 32 kB |
URL User Request GET HTTP/2ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co IP104.18.0.227:443
CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeHTML document, ASCII text, with very long lines (25119) Hashaa115c05277f3551636429934a42764d 7b86304dba1f2e8a5449cbd82d1ed9741ddc3925 af5c8f1afba2dbd58be94ed480b5e813da6397ac78a207fd888afe4b8b68d313
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:19 GMT
content-type: text/html
cf-ray: 8fea4de0394a56b7-OSL
cf-cache-status: HIT
age: 120
cache-control: public, max-age=14400
expires: Wed, 08 Jan 2025 10:59:19 GMT
last-modified: Mon, 30 Dec 2024 10:27:41 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js | 104.18.0.227 | 200 OK | 1.3 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeASCII text, with very long lines (1319), with no line terminators Hashe156deccc0eaa5594fd0a5781b1a9b86 49b12b601faecc5457d0eea02196ca634e0a261a 0f2ebda3ce9b5348647b0f9701f81bc327fb937c95fabbf770a28331e96c1c8f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-4e5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de29b2456b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js | 104.18.0.227 | 200 OK | 11 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash35fee35b460cf851bdf3beecb8b35f5a f6af853cbdfb476165846933aada6cc3b1419022 8670480720bc1d26b090cc475660907e07d42ea2dd14cbb860ca04add28ce9cc
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1d56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/rotate?var=7045399&b=20281785&rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3= | 104.18.0.227 | 200 OK | 994 B |
URL GET HTTP/2ipagnamsoodsu.com/rotate?var=7045399&b=20281785&rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3= IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1013), with no line terminators Hash64ec313b39f48b5a7162b88337e1dd9a 0646167dafcc6eabbfc5ced1530194c16e63e727 5bb3ecd68cc46f53651e91bb96dea5931ea1fe332b983ef7747468306023d52a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /rotate?var=7045399&b=20281785&rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3= HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: e5facc9669bd01f75ddd60e725110d45
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://ipagnamsoodsu.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=80faba02147d45d6908f386b1157b778; expires=Thu, 08 Jan 2026 06:59:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fea4de33bbb56b7-OSL
X-Firefox-Spdy: h2
|
|
| POST ipagnamsoodsu.com/sync-metrics | 104.18.0.227 | 200 OK | 17 B |
URL POST HTTP/2ipagnamsoodsu.com/sync-metrics IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash225f751e75610b98f8b287e79370be3a 9e29d2c966fb36f3d233dfb232be6eeeee8f1341 0b19f26f50f17771f6562e4cf8c7bead37ba5aeeeec7cbfaf2576a6647401569
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 294
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: c93c09cfba93f685753e96d8c8145d82
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fea4de3ec3e56b7-OSL
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js | 104.18.0.227 | 200 OK | 110 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size110 kB (109702 bytes) Hashfa92e582b2c89be329fbc8ac7170c6ac bf03008752166780239d14094615f3d6f01d52ac fadd974a6921e24c69b0f37ad3cdc0f67424923522f2102b988fe11ec99a763f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-1ac86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1356b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js | 104.18.0.227 | 200 OK | 7.0 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (7133), with no line terminators Hash309061ab74ca638f460078aad0676d38 469e0bfe32600b6b32af0def65a0c2c0d7ec7fc3 95b40ce23cb442d3ed6f0ec23e0a460e294e130a98be2dc84a20a8220dbd97be
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-1b79"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3533
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de3ac1756b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js | 104.18.0.227 | 200 OK | 58 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (58038), with no line terminators Hashe30aa1c7e2e30e9983180dfaf2d4c5d3 b00507e6b353c718ab14283e3ac4778523d1b1d3 302840c70f64357290311c1c1605a9492c8a44c8d5e0a1a04693badfbb15cf04
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-e2b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b2056b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/track-impression-applab?z=7045399&b=20281785&ymid=376l60ji0d8co&var=&os_version= | 104.18.0.227 | 200 OK | 250 B |
URL GET HTTP/2ipagnamsoodsu.com/track-impression-applab?z=7045399&b=20281785&ymid=376l60ji0d8co&var=&os_version= IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash447ce224a3ae652aaab880beebbbd87a ed0a7ce86f39be38847d16167b423c2fb46359a3 65f8209225e1bd078d7f7fa7da9cf531e6d49b3a06e4066c06724bde61ad30e9
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /track-impression-applab?z=7045399&b=20281785&ymid=376l60ji0d8co&var=&os_version= HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=pa4qppdrar2h5s5kjc9pf112ww689jw; syncedCookie=true; oaidts=1736319560
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: d5f2bbf92e79bdf804df377d2f016965
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fea4de51d2d56b7-OSL
X-Firefox-Spdy: h2
|
|
| GET ipagnamsoodsu.com/_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js | 104.18.0.227 | 200 OK | 30 kB |
URL GET HTTP/2ipagnamsoodsu.com/_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js IP104.18.0.227:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectipagnamsoodsu.com Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7 ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT
File typeJavaScript source, ASCII text, with very long lines (30035), with no line terminators Hash0e650c6fbdbaea01c64c59f71ecbe089 75d3aef97713ed867eb35e87cb91d4a6ad74ac3b 08800a958ef86e09d5001801f2f8645ae0a14002a8610f38a883b747e73cb544
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-7553"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de27b0456b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| GET my.rtmark.net/gid.js?userId=pa4qppdrar2h5s5kjc9pf112ww689jw | 188.114.96.1 | 200 OK | 64 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=pa4qppdrar2h5s5kjc9pf112ww689jw IP188.114.96.1:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectmy.rtmark.net Fingerprint56:7F:53:10:57:2F:C3:F4:06:8B:DB:2F:C1:F7:6A:1D:68:59:14:3F ValiditySat, 04 Jan 2025 10:02:11 GMT - Fri, 04 Apr 2025 11:00:33 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashebfdefcc3ce5674feec9fc457002b0e1 9c6143ef9118d2e4dd07bad327712260eb240665 d9da486b8b722a8d75911542380160778d982fa8de810d81a15989ab898d419d
GET /gid.js?userId=pa4qppdrar2h5s5kjc9pf112ww689jw HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipagnamsoodsu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ipagnamsoodsu.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=pa4qppdrar2h5s5kjc9pf112ww689jw; expires=Thu, 08 Jan 2026 06:59:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtGPxrhP0h3CPy45TwXA76I5ZsLZqFdDBwdlufJ%2B1bFo4zxDfVfHjpWxAU%2BJ1%2Bszftq5UsFCXkYpxkRSUNVeBGjxXUhY1sLuExLGpSVkeMw6lqiNK7BkLjtXfpLEmx%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fea4de3eb7656c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=528&min_rtt=508&rtt_var=76&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3205&recv_bytes=1088&delivery_rate=8059369&cwnd=254&unsent_bytes=0&cid=76be5e74fbeca0c2&ts=53&x=0"
X-Firefox-Spdy: h2
|
|
| GET cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP188.114.97.1:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectcdntechone.com FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT
File typeJavaScript source, ASCII text, with very long lines (15840) Hash80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMO0%2FksC9aQ2lFCIeN%2Bitmj%2FoJz9k6RMB5t91a75l6Sp4%2FA3uCpoeyw4izDXy%2Bj2v053WEDy9vxGGRGfSduspP3fHVCRK953ZQ9krkNzbl8C%2Bwax0GlvET%2FQ9t9T%2BF%2Bk3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de41c99712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=675&min_rtt=470&rtt_var=461&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1164&delivery_rate=6304789&cwnd=253&unsent_bytes=0&cid=67ee68615c7c3b7c&ts=37&x=0"
X-Firefox-Spdy: h2
|
|
| GET cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/3cdntechone.com/stattag.js IP188.114.97.1:443
Requested byhttps://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co CertificateIssuerGoogle Trust Services Subjectcdntechone.com FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT
File typeJavaScript source, ASCII text, with very long lines (15840) Hash80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4724
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUkkVpawz5Fbgq94p4vAkse1AMkRc6YxFosY3wtB5gmNSa%2BVIXOknm5v4Wz0TU1uXN5CMOQtfLdPMxTn924%2BwIJLaTXfss3CSnkxQQqoooPiC3%2BTRBgm585vTVf3rWC5ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de51f80b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4160&min_rtt=4093&rtt_var=1668&sent=16&recv=10&lost=0&retrans=0&sent_bytes=4283&recv_bytes=1242&delivery_rate=126379&cwnd=12000&unsent_bytes=0&cid=044433abb8587a8b&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0
|
|