Report - download-download.store/dL8r8DWs

Report Overview

Visited public
2025-01-08 06:59:45
Tags
URL
download-download.store/dL8r8DWs
Finishing URL
ipagnamsoodsu.com/please-confirm/720/13649?z=7045399&b=20281785&var=&ymid=376l60ji0d8co&s=900751344978899823&is_sub_id_from_marker=true
IP / ASN
45.147.176.33
#198610 Beget LLC
Title
A Single Page, Endless Inspiration

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
datatechonert.com	46154	2021-12-24	2021-12-24	2025-01-04	541 B	484 B	185.49.145.45
cdntechone.com	64371	2021-12-24	2021-12-24	2025-01-04	1.1 kB	53 kB	188.114.97.1
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-01-01	431 B	1.4 kB	188.114.96.1
download-download.store	unknown	2024-12-16	2025-01-06	2025-01-06	486 B	872 B	45.147.176.33
ipagnamsoodsu.com	unknown	2024-11-05	2024-12-20	2025-01-04	8.9 kB	379 kB	104.18.0.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-07	medium	download-download.store	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed
2025-01-07	medium	ipagnamsoodsu.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co	57 B	2024-11-08 15:40	2025-02-06 06:35
Pretty URL ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-08 15:40 Last Seen2025-02-06 06:35 Times Seen4039 Hash 5f20dadfa6c65e87a6f3ba9a64111a9f ce907e2c96765332a6f202c630d8f0579fd5b79e 8a55ffd3a9013ed6bbb3354b1c20e08c378782a734e0ec8d94db9991888a9043 Loading...

	ipagnamsoodsu.com/_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js	14 kB	2024-12-14 07:36	2025-01-08 10:01
Pretty URL ipagnamsoodsu.com/_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-14 07:36 Last Seen2025-01-08 10:01 Times Seen84 Hash dd812aef8c4fd0feb65fae71c34394d7 47cbf19bb67e01b50a6e1bbb2de6e72a0d3c635a 824c0ad4f3d9a566a5c43d0073c2c375ec6a5366223cce693cc7b8481a7514a7 Loading...

	ipagnamsoodsu.com/_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js	44 kB	2024-12-30 11:34	2025-01-08 10:01
Pretty URL ipagnamsoodsu.com/_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 11:34 Last Seen2025-01-08 10:01 Times Seen442 Hash 75576c207c94685f082a01c22d9020a1 3b83fb7d8df52e6d7d6ec956738f657ab3db4b69 2ca384c7e458bff915f1a94003361d956e7b0aeffc340df2477f00048bf09f4d Loading...

	cdntechone.com/stattag.js	16 kB	2024-07-11 14:08	2025-02-23 22:56
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 14:08 Last Seen2025-02-23 22:56 Times Seen4984 Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251 Loading...

	ipagnamsoodsu.com/_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js	110 kB	2024-12-12 15:49	2025-02-23 07:37
Pretty URL ipagnamsoodsu.com/_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-23 07:37 Times Seen3710 Hash fa92e582b2c89be329fbc8ac7170c6ac bf03008752166780239d14094615f3d6f01d52ac fadd974a6921e24c69b0f37ad3cdc0f67424923522f2102b988fe11ec99a763f Loading...

	ipagnamsoodsu.com/_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js	11 kB	2024-12-12 15:49	2025-02-23 09:08
Pretty URL ipagnamsoodsu.com/_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-23 09:08 Times Seen1235 Hash 35fee35b460cf851bdf3beecb8b35f5a f6af853cbdfb476165846933aada6cc3b1419022 8670480720bc1d26b090cc475660907e07d42ea2dd14cbb860ca04add28ce9cc Loading...

	ipagnamsoodsu.com/_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js	3.8 kB	2024-12-12 15:49	2025-01-08 10:01
Pretty URL ipagnamsoodsu.com/_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-01-08 10:01 Times Seen1022 Hash 46900b66e876de517a3f8a42da508506 e1d252b2dbe22ee02fc4003d00b792009386c701 a8e5253c00f250e260197f5a4d5ffef49f1538e2d44fb5f493e8e40fb79b4307 Loading...

	ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co	1.6 kB	2024-12-20 17:59	2025-01-22 06:52
Pretty URL ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 17:59 Last Seen2025-01-22 06:52 Times Seen36 Hash 3016c3b28829417ac1118bebf3bcbc59 20b830ba2d7aa14b94ba8dffd59e38a5757a2cfc 28ec9fe454575da7f940df750b05e1e5a657be350a5d9b90d355efe7b3d98590 Loading...

	ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co	1.9 kB	2024-11-08 15:12	2025-02-23 07:37
Pretty URL ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-08 15:12 Last Seen2025-02-23 07:37 Times Seen4215 Hash 09851c9ecbfed34957566907c59d1855 988103bc346a45ef275aa2df5f8b0bb252996239 a4d230332f15781164cd54ef61717b7b237c054644c222e4913e89ed6823f025 Loading...

	ipagnamsoodsu.com/_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js	58 kB	2024-12-30 11:34	2025-01-10 09:21
Pretty URL ipagnamsoodsu.com/_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 11:34 Last Seen2025-01-10 09:21 Times Seen282 Hash e30aa1c7e2e30e9983180dfaf2d4c5d3 b00507e6b353c718ab14283e3ac4778523d1b1d3 302840c70f64357290311c1c1605a9492c8a44c8d5e0a1a04693badfbb15cf04 Loading...

	ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js	160 B	2024-10-31 10:31	2025-02-23 07:37
Pretty URL ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-31 10:31 Last Seen2025-02-23 07:37 Times Seen4198 Hash d7c1624b8c3c5724789430e3ee0f99cd f537b81dfb15b4b4c8c48edb112ca607563ae8e0 3064462069623e8ee6a6f553b03b85af446f6a83797c5b7df5ab4745b3e7dac1 Loading...

	ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js	1.3 kB	2024-12-30 11:34	2025-01-08 10:01
Pretty URL ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 11:34 Last Seen2025-01-08 10:01 Times Seen439 Hash 40ec39789396a5cacb035bf323f169b9 facb499db94869638d8ad0c3a069ff04af999ad1 5e29d37447cb2c03931877c2a93e8cf29390097fd3800d6e2e748f7443efcb45 Loading...

	ipagnamsoodsu.com/_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js	7.0 kB	2024-12-12 15:49	2025-02-12 10:16
Pretty URL ipagnamsoodsu.com/_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-12 10:16 Times Seen1187 Hash 0423e9f04482fb5515f7847ead11974c 0c68534f158d022aa558877a2822591ccad45a05 5aee159618a68108c36f251495310ddd1380c4c9055c727b8b723c297a113f67 Loading...

	ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co	20 kB	2024-12-14 07:36	2025-01-21 10:25
Pretty URL ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-14 07:36 Last Seen2025-01-21 10:25 Times Seen426 Hash c6f08da2486f52670b916356f4d1bcc5 c889fda527682123489766d1fb43fb6f237cc694 a46b8123be415c9c01c6e6c92e36b54649230c64b1ea13d19862cf345ac002cd Loading...

	ipagnamsoodsu.com/_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js	30 kB	2024-12-12 15:49	2025-02-23 09:08
Pretty URL ipagnamsoodsu.com/_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-23 09:08 Times Seen3687 Hash 0e650c6fbdbaea01c64c59f71ecbe089 75d3aef97713ed867eb35e87cb91d4a6ad74ac3b 08800a958ef86e09d5001801f2f8645ae0a14002a8610f38a883b747e73cb544 Loading...

	ipagnamsoodsu.com/_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js	14 kB	2024-12-26 11:23	2025-01-20 04:08
Pretty URL ipagnamsoodsu.com/_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-26 11:23 Last Seen2025-01-20 04:08 Times Seen639 Hash f45de52b71ffbaab0af7b835959fe830 7044c236f92eb3e1732adfeb4ba7e9607204edf3 025e230cdbe76d6d9bdac4b557c17599f9eb0a519bc7f7ffc216e44afcd37dc2 Loading...

	ipagnamsoodsu.com/_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js	29 kB	2024-12-30 11:34	2025-01-08 10:01
Pretty URL ipagnamsoodsu.com/_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-30 11:34 Last Seen2025-01-08 10:01 Times Seen441 Hash 910daf3316e1b27a64b9d641cc7d5d50 1cb1cf20f4be5eb785eec53fba9d41862b7f8b10 d2be94395a6a87478a4eebf5c59b2654d6f3a021ceb155009a3fdda6ad1d10df Loading...

	ipagnamsoodsu.com/_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js	27 kB	2024-12-12 15:49	2025-02-23 09:08
Pretty URL ipagnamsoodsu.com/_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-23 09:08 Times Seen3705 Hash 46319da25b781d320119bb919f754f17 f469c209ac6ece789afc95873888de04b0268eea 99199d4c9b8e1653af1ea901b3f856fe9537a6ff869abad68ca5c5f8d253eda5 Loading...

	ipagnamsoodsu.com/_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js	16 kB	2024-12-12 15:49	2025-02-20 14:49
Pretty URL ipagnamsoodsu.com/_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js IP 104.18.0.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-20 14:49 Times Seen1172 Hash 246c62a01ca76c5e64b7879c01635219 faa25c8618c4adc07d9e2619aa386782d21e2c7a e0e4a9f620af9b0283ad84377bfedc59ec8091dbed06d8f32f37a59d0cb30721 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6c2875f1a9aa4e7aea000433b300f345	17 B	2024-12-03 18:23	2025-02-23 22:56
Pretty Observations First Seen2024-12-03 18:23 Last Seen2025-02-23 22:56 Times Seen1616 Hash 6c2875f1a9aa4e7aea000433b300f345 19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8 faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f Loading...

HTTP Transactions (26)

URL IP Response Size

download-download.store/dL8r8DWs

45.147.176.33

302 Found

0 B

URL User Request GET HTTP/1.1
download-download.store/dL8r8DWs
IP
45.147.176.33:443
ASN
#198610 Beget LLC

Certificate
IssuerLet's Encrypt
Subjectdownload-download.store
Fingerprint6C:88:E8:78:89:69:E8:65:F0:BA:9B:E3:0C:AF:E5:F3:8D:C9:6E:1F
ValidityMon, 16 Dec 2024 09:03:15 GMT - Sun, 16 Mar 2025 09:03:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dL8r8DWs HTTP/1.1
Host: download-download.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 Jan 2025 06:59:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Wed, 08 Jan 2025 06:59:19 GMT
Location: https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Set-Cookie: _subid=376l60ji0d8co; expires=Sat, 08 Feb 2025 06:59:19 GMT; path=/
cdd1a=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NTlcIjoxNzM2MzE5NTU5fSxcImNhbXBhaWduc1wiOntcIjEzMTFcIjoxNzM2MzE5NTU5fSxcInRpbWVcIjoxNzM2MzE5NTU5fSJ9.W1newk11MC1OaHphELIIL9ZNVCu9IRF5BQoo7SqwyUU; expires=Thu, 09 Jan 2025 06:59:19 GMT; path=/
_token=uuid_376l60ji0d8co_376l60ji0d8co677e2247a0c698.04484653; expires=Sat, 08 Feb 2025 06:59:19 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

ipagnamsoodsu.com/_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js

104.18.0.227

200 OK

6.0 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
gzip compressed data, from Unix
Size
6.0 kB (5965 bytes)
Hash
5a3987862f225602302e1001637c72cb
d01a149e55112bafcb3b61212dd3ecbcfd79997c
31dcf097afb7720083eadf02fc8c18566276ce866fc1cc1b7f5d41544016fb82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/dbb80ba394719d25-1735554159196.0157f5525bb5ad80.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-3c86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3533
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de3bc1e56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/favicon.ico

104.18.0.227

204 No Content

0 B

URL GET HTTP/2
ipagnamsoodsu.com/favicon.ico
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=80faba02147d45d6908f386b1157b778; syncedCookie=true; oaidts=1736319560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Wed, 08 Jan 2025 06:59:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de58d9756b7-OSL
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=50ade4f0-ea07-4d78-a94d-35334c420513

185.49.145.45

200 OK

12 B

URL POST HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=50ade4f0-ea07-4d78-a94d-35334c420513
IP
185.49.145.45:443
ASN
#35415 Webzilla B.V.

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
FingerprintED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72
ValidityWed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=50ade4f0-ea07-4d78-a94d-35334c420513 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1424
Origin: https://ipagnamsoodsu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 08 Jan 2025 06:59:20 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ipagnamsoodsu.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

ipagnamsoodsu.com/_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js

104.18.0.227

200 OK

10 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
gzip compressed data, from Unix
Size
10 kB (10252 bytes)
Hash
f047c60b179e229c39b419230870e93e
08e1f89a9496edee63c7b2e908a6c624e998470c
7071fac095a0390c13b3bb922c300806b0e656c08d2a598e09603ac09a3eb57b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1c02c3e681ea9f6d-1735554159196-ebf163de3da5e125.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-682f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1056b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js

104.18.0.227

200 OK

15 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
gzip compressed data, from Unix
Size
15 kB (15384 bytes)
Hash
39c8063f5d1ec389cf90f6b8daac5b63
560ffe7e7c9b2ed3df6f71fddf53339cf1ba11a3
3ddd2d7d9e75ab064c54b47066a50dd22901ee85852aa986fbd14c89418c7702

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/b2f7229dcd01aaab-1735554159196-efa9e113cfa48715.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-6f9c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b0c56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js

104.18.0.227

200 OK

14 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
gzip compressed data, from Unix
Size
14 kB (13692 bytes)
Hash
9fba1a27aeadcac378dc8e6ca0400830
fecad3b4bf50865d2fe06fff79d8e871cb37bc4f
98b73ba8295a52553f33e8f708c410f9ce66740c7239e6a6fd40abe0f5c29598

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/27da6a71c55717fa-1735554159196.1f230f14e978af7b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-36f1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de27b0656b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/css/0bc0cde260d08b97.css

104.18.0.227

200 OK

11 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/css/0bc0cde260d08b97.css
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
gzip compressed data, from Unix
Size
11 kB (10684 bytes)
Hash
90b3dfaf0128d70a2173c4714728aa7e
a0e3b539695bf7117ef1e27498ea5b2419f0bf9e
cec5ef3bccc849008ea072e184fae06e75ec829c0bf63a4b3b563b09ad0d97ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: text/css
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de27b0156b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js

104.18.0.227

200 OK

14 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (14480), with no line terminators
Size
14 kB (14480 bytes)
Hash
dd812aef8c4fd0feb65fae71c34394d7
47cbf19bb67e01b50a6e1bbb2de6e72a0d3c635a
824c0ad4f3d9a566a5c43d0073c2c375ec6a5366223cce693cc7b8481a7514a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/a464cebd2142d592-1735554159196.4a970f3d0366d83b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-3890"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b0b56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js

104.18.0.227

200 OK

44 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (43600), with no line terminators
Size
44 kB (43600 bytes)
Hash
75576c207c94685f082a01c22d9020a1
3b83fb7d8df52e6d7d6ec956738f657ab3db4b69
2ca384c7e458bff915f1a94003361d956e7b0aeffc340df2477f00048bf09f4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1df16f1638bb72b3-1735554159196-0767718f864fdd5f.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-aa50"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1656b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js

104.18.0.227

200 OK

160 B

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
ASCII text, with no line terminators
Size
160 B (160 bytes)
Hash
ec987e535717d417e4c20c3f19741a95
36c65d6370d55851e91e9f1ff1a76751a1140fed
409d2de41a27a5c819fc065c000aa9bdcbb56a5f69595a04fb0db8da10802d2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/eJa1VYC0vjsRpy2RVncne/_ssgManifest.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-a0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de29b2656b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js

104.18.0.227

200 OK

3.8 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (3857), with no line terminators
Size
3.8 kB (3779 bytes)
Hash
2179efc23a5f8de650f79461e68df75c
2e0131b91732b8510779d23f24d3a83b13b9819a
9fd8e9a18c6109daa8fee036cdfb3cb5fd780ddd17f50731e16be11412b4a816

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/265d60a91fd3d6b8-1735554159196.748820502fe4525b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-ec3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3531
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de3bc2256b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA
ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujAGORlfOoBQIh7hJex35YQhO3u%2BihlewargOnd0QTC2lXpcrfs0LzryuotDghaVCOUkaSgB%2B2X%2FkBmFyuuXl9wwUKyUx9PUnILC4tuT0bj15Iw0nKHLuKgtk%2F8%2BYupDIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de43cb1712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2213&min_rtt=470&rtt_var=3423&sent=14&recv=12&lost=0&retrans=0&sent_bytes=11618&recv_bytes=1237&delivery_rate=6304789&cwnd=253&unsent_bytes=0&cid=67ee68615c7c3b7c&ts=53&x=0"
X-Firefox-Spdy: h2

ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co

104.18.0.227

200 OK

32 kB

URL User Request GET HTTP/2
ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
HTML document, ASCII text, with very long lines (25119)
Size
32 kB (32436 bytes)
Hash
aa115c05277f3551636429934a42764d
7b86304dba1f2e8a5449cbd82d1ed9741ddc3925
af5c8f1afba2dbd58be94ed480b5e813da6397ac78a207fd888afe4b8b68d313

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:19 GMT
content-type: text/html
cf-ray: 8fea4de0394a56b7-OSL
cf-cache-status: HIT
age: 120
cache-control: public, max-age=14400
expires: Wed, 08 Jan 2025 10:59:19 GMT
last-modified: Mon, 30 Dec 2024 10:27:41 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js

104.18.0.227

200 OK

1.3 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
ASCII text, with very long lines (1319), with no line terminators
Size
1.3 kB (1253 bytes)
Hash
e156deccc0eaa5594fd0a5781b1a9b86
49b12b601faecc5457d0eea02196ca634e0a261a
0f2ebda3ce9b5348647b0f9701f81bc327fb937c95fabbf770a28331e96c1c8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/eJa1VYC0vjsRpy2RVncne/_buildManifest.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-4e5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de29b2456b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js

104.18.0.227

200 OK

11 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (10752), with no line terminators
Size
11 kB (10752 bytes)
Hash
35fee35b460cf851bdf3beecb8b35f5a
f6af853cbdfb476165846933aada6cc3b1419022
8670480720bc1d26b090cc475660907e07d42ea2dd14cbb860ca04add28ce9cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/e349ffdbb65d6c93-1735554159196-660e5b7e2e3b7996.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1d56b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/rotate?var=7045399&b=20281785&rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3=

104.18.0.227

200 OK

994 B

URL GET HTTP/2
ipagnamsoodsu.com/rotate?var=7045399&b=20281785&rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3=
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1013), with no line terminators
Size
994 B (994 bytes)
Hash
64ec313b39f48b5a7162b88337e1dd9a
0646167dafcc6eabbfc5ced1530194c16e63e727
5bb3ecd68cc46f53651e91bb96dea5931ea1fe332b983ef7747468306023d52a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?var=7045399&b=20281785&rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3= HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: e5facc9669bd01f75ddd60e725110d45
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://ipagnamsoodsu.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=80faba02147d45d6908f386b1157b778; expires=Thu, 08 Jan 2026 06:59:20 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fea4de33bbb56b7-OSL
X-Firefox-Spdy: h2

ipagnamsoodsu.com/sync-metrics

104.18.0.227

200 OK

17 B

URL POST HTTP/2
ipagnamsoodsu.com/sync-metrics
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
225f751e75610b98f8b287e79370be3a
9e29d2c966fb36f3d233dfb232be6eeeee8f1341
0b19f26f50f17771f6562e4cf8c7bead37ba5aeeeec7cbfaf2576a6647401569

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 294
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: c93c09cfba93f685753e96d8c8145d82
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fea4de3ec3e56b7-OSL
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js

104.18.0.227

200 OK

110 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
110 kB (109702 bytes)
Hash
fa92e582b2c89be329fbc8ac7170c6ac
bf03008752166780239d14094615f3d6f01d52ac
fadd974a6921e24c69b0f37ad3cdc0f67424923522f2102b988fe11ec99a763f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4d859cac5ba89327-1735554159196-7c9f685438bac6d8.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-1ac86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b1356b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js

104.18.0.227

200 OK

7.0 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (7133), with no line terminators
Size
7.0 kB (7033 bytes)
Hash
309061ab74ca638f460078aad0676d38
469e0bfe32600b6b32af0def65a0c2c0d7ec7fc3
95b40ce23cb442d3ed6f0ec23e0a460e294e130a98be2dc84a20a8220dbd97be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/ac5595402e335eea-1735554159196.3cfdc57f0372e5e9.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-1b79"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3533
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de3ac1756b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js

104.18.0.227

200 OK

58 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (58038), with no line terminators
Size
58 kB (58038 bytes)
Hash
e30aa1c7e2e30e9983180dfaf2d4c5d3
b00507e6b353c718ab14283e3ac4778523d1b1d3
302840c70f64357290311c1c1605a9492c8a44c8d5e0a1a04693badfbb15cf04

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/f11a4c032471831f-1735554159196-df6b842f2183863b.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-e2b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de28b2056b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ipagnamsoodsu.com/track-impression-applab?z=7045399&b=20281785&ymid=376l60ji0d8co&var=&os_version=

104.18.0.227

200 OK

250 B

URL GET HTTP/2
ipagnamsoodsu.com/track-impression-applab?z=7045399&b=20281785&ymid=376l60ji0d8co&var=&os_version=
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
250 B (250 bytes)
Hash
447ce224a3ae652aaab880beebbbd87a
ed0a7ce86f39be38847d16167b423c2fb46359a3
65f8209225e1bd078d7f7fa7da9cf531e6d49b3a06e4066c06724bde61ad30e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track-impression-applab?z=7045399&b=20281785&ymid=376l60ji0d8co&var=&os_version= HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=pa4qppdrar2h5s5kjc9pf112ww689jw; syncedCookie=true; oaidts=1736319560
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: d5f2bbf92e79bdf804df377d2f016965
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8fea4de51d2d56b7-OSL
X-Firefox-Spdy: h2

ipagnamsoodsu.com/_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js

104.18.0.227

200 OK

30 kB

URL GET HTTP/2
ipagnamsoodsu.com/_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js
IP
104.18.0.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectipagnamsoodsu.com
Fingerprint3D:15:3E:00:D3:03:E6:87:6E:CF:18:E4:B7:85:6E:F6:70:B5:76:F7
ValidityTue, 12 Nov 2024 13:19:13 GMT - Mon, 10 Feb 2025 14:19:07 GMT

File type
JavaScript source, ASCII text, with very long lines (30035), with no line terminators
Size
30 kB (30035 bytes)
Hash
0e650c6fbdbaea01c64c59f71ecbe089
75d3aef97713ed867eb35e87cb91d4a6ad74ac3b
08800a958ef86e09d5001801f2f8645ae0a14002a8610f38a883b747e73cb544

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3cacc58ea516fe6f-1735554159196.4d666b3ce7dcd66f.js HTTP/1.1
Host: ipagnamsoodsu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Mon, 30 Dec 2024 10:27:34 GMT
vary: Accept-Encoding
etag: W/"67727596-7553"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3563
expires: Wed, 08 Jan 2025 10:59:20 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 8fea4de27b0456b7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=pa4qppdrar2h5s5kjc9pf112ww689jw

188.114.96.1

200 OK

64 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=pa4qppdrar2h5s5kjc9pf112ww689jw
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint56:7F:53:10:57:2F:C3:F4:06:8B:DB:2F:C1:F7:6A:1D:68:59:14:3F
ValiditySat, 04 Jan 2025 10:02:11 GMT - Fri, 04 Apr 2025 11:00:33 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
ebfdefcc3ce5674feec9fc457002b0e1
9c6143ef9118d2e4dd07bad327712260eb240665
d9da486b8b722a8d75911542380160778d982fa8de810d81a15989ab898d419d

HTTP Headers

GET /gid.js?userId=pa4qppdrar2h5s5kjc9pf112ww689jw HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ipagnamsoodsu.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ipagnamsoodsu.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=pa4qppdrar2h5s5kjc9pf112ww689jw; expires=Thu, 08 Jan 2026 06:59:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtGPxrhP0h3CPy45TwXA76I5ZsLZqFdDBwdlufJ%2B1bFo4zxDfVfHjpWxAU%2BJ1%2Bszftq5UsFCXkYpxkRSUNVeBGjxXUhY1sLuExLGpSVkeMw6lqiNK7BkLjtXfpLEmx%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fea4de3eb7656c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=528&min_rtt=508&rtt_var=76&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3205&recv_bytes=1088&delivery_rate=8059369&cwnd=254&unsent_bytes=0&cid=76be5e74fbeca0c2&ts=53&x=0"
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA
ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMO0%2FksC9aQ2lFCIeN%2Bitmj%2FoJz9k6RMB5t91a75l6Sp4%2FA3uCpoeyw4izDXy%2Bj2v053WEDy9vxGGRGfSduspP3fHVCRK953ZQ9krkNzbl8C%2Bwax0GlvET%2FQ9t9T%2BF%2Bk3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de41c99712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=675&min_rtt=470&rtt_var=461&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1164&delivery_rate=6304789&cwnd=253&unsent_bytes=0&cid=67ee68615c7c3b7c&ts=37&x=0"
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ipagnamsoodsu.com/please-confirm/720/13649/?z=7045399&b=20281785&var=&ymid=376l60ji0d8co
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA
ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 Jan 2025 06:59:20 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4724
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUkkVpawz5Fbgq94p4vAkse1AMkRc6YxFosY3wtB5gmNSa%2BVIXOknm5v4Wz0TU1uXN5CMOQtfLdPMxTn924%2BwIJLaTXfss3CSnkxQQqoooPiC3%2BTRBgm585vTVf3rWC5ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fea4de51f80b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4160&min_rtt=4093&rtt_var=1668&sent=16&recv=10&lost=0&retrans=0&sent_bytes=4283&recv_bytes=1242&delivery_rate=126379&cwnd=12000&unsent_bytes=0&cid=044433abb8587a8b&ts=84&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML