Report - almoslataan.com/

Report Overview

Visited public
2023-08-28 05:29:39
Tags
URL
almoslataan.com/
Finishing URL
almoslataan.com/
IP / ASN
64.227.123.174
#14061 DIGITALOCEAN-ASN
Title
AlmosLataan Home

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
apis.google.com	105	1997-09-15	2013-05-06 22:20:21	2023-08-28 05:24:50	406 B	23 kB	142.250.74.46
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-08-27 23:34:42	482 B	186 kB	142.250.74.35
log.pinterest.com	3464	2009-11-26	2014-02-24 22:34:32	2023-08-27 08:37:06	621 B	557 B	151.101.64.84
almoslataan.com	unknown	2014-10-19	2015-11-08 09:24:46	2023-06-27 18:51:31	1.8 kB	121 kB	64.227.123.174
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-27 18:12:02	1.7 kB	3.5 kB	142.250.74.131
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-08-18 17:41:21	407 B	1.3 kB	216.58.211.4
assets.pinterest.com	2560	2009-11-26	2012-05-21 17:53:26	2023-08-27 08:37:05	854 B	20 kB	23.38.200.197

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-28	medium	almoslataan.com	Sinkholed
2023-08-28	medium	almoslataan.com	Sinkholed
2023-08-28	medium	almoslataan.com	Sinkholed
2023-08-28	medium	almoslataan.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	almoslataan.com/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL almoslataan.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 13:55 Times Seen341457 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 13:55 Times Seen340655 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	assets.pinterest.com/js/pinit.js	ScriptElement	361 B	2023-03-07	2025-05-09
Pretty URL assets.pinterest.com/js/pinit.js IP 23.38.200.197 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-05-09 04:00 Times Seen2284 Hash 9e724ccab52ce087d92250b1e06ef0ee 8000043a1fb8735345f8b27c65b85331099aed8d 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de Loading...

	apis.google.com/js/platform.js	ScriptElement	59 kB	2023-07-18	2023-09-05
Pretty URL apis.google.com/js/platform.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-18 01:55 Last Seen2023-09-05 14:27 Times Seen793 Hash 13a2d752a1f2cc10d7ed9880b4426d1f 7ea6a9d2cb5457f9aaf6e2d89bef9b19e8869232 470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56 Loading...

	assets.pinterest.com/js/pinit_main.js?0.3607585100432984	ScriptElement	68 kB	2023-03-07	2024-12-05
Pretty URL assets.pinterest.com/js/pinit_main.js?0.3607585100432984 IP 23.38.200.197 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2024-12-05 16:46 Times Seen1501 Hash 980b58b2bf6b18e45583fc3d1d05e145 90fd7a45d8ab0672d45ecaa9a4b7f430ffe1d149 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e Loading...

	www.google.com/recaptcha/api.js	ScriptElement	1.2 kB	2023-08-25	2023-09-15
Pretty URL www.google.com/recaptcha/api.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 15:47 Last Seen2023-09-15 03:38 Times Seen1905 Hash 4e2576ff2a6c23795ca4f66ff5fcd037 7e33e3ee94728ffcfe31f9ebe02f3bd47551f9b0 fe5e157c57b8a5017a03e866ec659bd8efa054c5e54276593ab43be9420fba14 Loading...

	almoslataan.com/	ScriptElement	380 B	2023-06-06	2025-02-12
Pretty URL almoslataan.com/ IP 64.227.123.174 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-06 13:15 Last Seen2025-02-12 06:27 Times Seen4 Hash 9366035be5ac38b8a85f5087f4814bdd 10110797c15962ef0b1f42f0c86339cd3e8b5359 05fb768d3a56691033551e679e5c921021658df3e31ef67d66ef5dd0da1aa9ae Loading...

	www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js	ScriptElement	462 kB	2023-08-25	2024-08-21
Pretty URL www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 14:13 Last Seen2024-08-21 08:07 Times Seen5931 Hash a5654a0210fc0019b5edca973ad5bb5e ca96425226fd0088aaa504a5b8fa5675a1c4f429 6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-05-09
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-09 11:25 Times Seen54729 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v16.0	ScriptElement	17 kB	2023-05-05	2025-05-09
Pretty URL connect.facebook.net/en_GB/sdk.js#xfbml=1&version=v16.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-09 11:25 Times Seen54129 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

HTTP Transactions (15)

URL IP Response Size

almoslataan.com/

64.227.123.174

200 OK

1.1 kB

URL User Request GET HTTP/1.1
almoslataan.com/
IP
64.227.123.174:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectalmoslataan.com
FingerprintBD:1A:10:DC:EC:00:DA:34:7B:E0:13:16:B0:C3:9A:B1:74:40:38:25
ValiditySat, 26 Aug 2023 22:44:53 GMT - Fri, 24 Nov 2023 22:44:52 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1105)
Size
1.1 kB (1084 bytes)
Hash
4ca4d856ca57a66fde65a3be414df042
f19e522a713648cc23669f488d702d915c55b2f8
067de1a434d900ca4a52a96480e3540b3bc70554e51b5ca6f9e36c63d66c3557

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: almoslataan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 28 Aug 2023 05:29:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"804-8Z5SKnE2SMwjZp9IjXAtkVxVsvg"
Content-Encoding: gzip

almoslataan.com/stylesheets/stylefrontpage.css

64.227.123.174

200 OK

3.4 kB

URL GET HTTP/1.1
almoslataan.com/stylesheets/stylefrontpage.css
IP
64.227.123.174:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://almoslataan.com/
Certificate
IssuerLet's Encrypt
Subjectalmoslataan.com
FingerprintBD:1A:10:DC:EC:00:DA:34:7B:E0:13:16:B0:C3:9A:B1:74:40:38:25
ValiditySat, 26 Aug 2023 22:44:53 GMT - Fri, 24 Nov 2023 22:44:52 GMT

File type
ASCII text, with CRLF line terminators
Size
3.4 kB (3370 bytes)
Hash
fae915f4848e1bbd4e61cc6c4df8b738
8afc49d8fa6e6d5ee2f1e70be09e6bfb1714daea
b9239c87c3565efc1a37ec498450ced2dade9b1a6e6b6e2d1707c33de447942a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/stylefrontpage.css HTTP/1.1
Host: almoslataan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 28 Aug 2023 05:29:21 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 3370
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sun, 05 Mar 2023 19:36:59 GMT
ETag: W/"d2a-186b346fc6d"

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
90fde05040c6416c1174540b1c9ec27e
5b74f1211d52643dc447844bb5a0e400dec9bb60
a6e18fb8cd0e76e530b2e8a17617fa5b220cbc3ac5302288d15e60574de21497

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 05:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

216.58.211.4

200 OK

834 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://almoslataan.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint9A:F7:68:99:17:95:7D:AE:08:51:0E:97:CE:A7:C3:18:3E:FB:E0:89
ValidityMon, 07 Aug 2023 12:22:44 GMT - Mon, 30 Oct 2023 12:22:43 GMT

File type
ASCII text, with very long lines (1222), with no line terminators
Size
834 B (834 bytes)
Hash
4e2576ff2a6c23795ca4f66ff5fcd037
7e33e3ee94728ffcfe31f9ebe02f3bd47551f9b0
fe5e157c57b8a5017a03e866ec659bd8efa054c5e54276593ab43be9420fba14

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Mon, 28 Aug 2023 05:29:21 GMT
date: Mon, 28 Aug 2023 05:29:21 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 834
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bf077e96f3f43137e2f547fb759b16a5
fd2d408042c28e228f921298a60f08c4942ea947
e82d5790db4880c4f4dd08a80fe537cd3d1a8b91450dd79a617202ff8823eede

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 05:29:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

almoslataan.com/images/HomePage/IMG_NeverFar_600px.jpg

64.227.123.174

200 OK

116 kB

URL GET HTTP/1.1
almoslataan.com/images/HomePage/IMG_NeverFar_600px.jpg
IP
64.227.123.174:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://almoslataan.com/
Certificate
IssuerLet's Encrypt
Subjectalmoslataan.com
FingerprintBD:1A:10:DC:EC:00:DA:34:7B:E0:13:16:B0:C3:9A:B1:74:40:38:25
ValiditySat, 26 Aug 2023 22:44:53 GMT - Fri, 24 Nov 2023 22:44:52 GMT

File type
JPEG image data, baseline, precision 8, 450x600, components 3\012- data
Size
116 kB (115509 bytes)
Hash
43ba972a9a49e53e0a8f0c25d431f74b
17a93d1a6c39fcc463e5f8db06b64d4a714dac73
7d7290a1527647da87264e0401ebf0d2ca1498a64cc39981816b45bbe42f2dd9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/HomePage/IMG_NeverFar_600px.jpg HTTP/1.1
Host: almoslataan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/stylesheets/stylefrontpage.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Mon, 28 Aug 2023 05:29:21 GMT
Content-Type: image/jpeg
Content-Length: 115509
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sun, 05 Mar 2023 15:35:13 GMT
ETag: W/"1c335-186b269a42d"

assets.pinterest.com/js/pinit.js

23.38.200.197

200 OK

203 B

URL GET HTTP/2
assets.pinterest.com/js/pinit.js
IP
23.38.200.197:443
ASN
#16625 AKAMAI-AS

Requested by
https://almoslataan.com/
Certificate
IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint8E:D1:BC:9A:53:E5:51:57:5E:48:5E:22:82:8C:60:F8:74:F0:08:AC
ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (361), with no line terminators
Size
203 B (203 bytes)
Hash
9e724ccab52ce087d92250b1e06ef0ee
8000043a1fb8735345f8b27c65b85331099aed8d
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

HTTP Headers

GET /js/pinit.js HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "62d32c28f14783b94192cd8d35bc010d"
content-encoding: br
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 203
cache-control: max-age=172
alt-svc: h3=":443"; ma=600
vary: Accept-Encoding, Origin
akamai-x-true-ttl: 300
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ea00d4d5cd19d4e3fecb58941d4d7b53
38cadcefa9bd0c2ef9ea4d4339c9a7e3c8b74133
227691e7e8b554894a566ab5e8940f8ef0505750702f2be95fee6378e32b7df3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 05:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7d86a3dce6d27e0a976ced013a552c63
ba7bb8b3b3ef53390afc5c48387be80fad4471d8
366822f1c01f284a91051f7e1753d6a5526f32be04336dc424de852d1ee22eac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 05:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/platform.js

142.250.74.46

200 OK

22 kB

URL GET HTTP/2
apis.google.com/js/platform.js
IP
142.250.74.46:443
ASN
#15169 GOOGLE

Requested by
https://almoslataan.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.apis.google.com
Fingerprint9B:C5:73:B6:06:F7:AD:8D:69:64:A3:77:9F:A0:A2:F7:4F:A3:D0:5A
ValidityMon, 07 Aug 2023 12:22:49 GMT - Mon, 30 Oct 2023 12:22:48 GMT

File type
ASCII text, with very long lines (1576)
Size
22 kB (22286 bytes)
Hash
13a2d752a1f2cc10d7ed9880b4426d1f
7ea6a9d2cb5457f9aaf6e2d89bef9b19e8869232
470d4eff6a2fd369c0f34647ae2da66b1eb90de49ba8ca3214e905e2a1d96b56

HTTP Headers

GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 22286
date: Mon, 28 Aug 2023 05:29:22 GMT
expires: Mon, 28 Aug 2023 05:29:22 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "0b554ade65733cb8"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

142.250.74.35

200 OK

185 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://almoslataan.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (627)
Size
185 kB (185062 bytes)
Hash
a5654a0210fc0019b5edca973ad5bb5e
ca96425226fd0088aaa504a5b8fa5675a1c4f429
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://almoslataan.com
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185062
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Aug 2023 19:24:49 GMT
expires: Mon, 26 Aug 2024 19:24:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 36273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assets.pinterest.com/js/pinit_main.js?0.3607585100432984

23.38.200.197

200 OK

19 kB

URL GET HTTP/3
assets.pinterest.com/js/pinit_main.js?0.3607585100432984
IP
23.38.200.197:443
ASN
#16625 AKAMAI-AS

Requested by
https://almoslataan.com/
Certificate
IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint8E:D1:BC:9A:53:E5:51:57:5E:48:5E:22:82:8C:60:F8:74:F0:08:AC
ValidityMon, 07 Aug 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (32016)
Size
19 kB (18679 bytes)
Hash
980b58b2bf6b18e45583fc3d1d05e145
90fd7a45d8ab0672d45ecaa9a4b7f430ffe1d149
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

HTTP Headers

GET /js/pinit_main.js?0.3607585100432984 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 18679
cache-control: max-age=276
alt-svc: h3=":443"; ma=600
quic-version: 0x00000001
vary: Accept-Encoding, Origin
akamai-x-true-ttl: 300
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7d86a3dce6d27e0a976ced013a552c63
ba7bb8b3b3ef53390afc5c48387be80fad4471d8
366822f1c01f284a91051f7e1753d6a5526f32be04336dc424de852d1ee22eac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Aug 2023 05:29:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

log.pinterest.com/?type=pidget&guid=ppwiJFob4Bvm&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Falmoslataan.com%2F

151.101.64.84

400 Bad Request

0 B

URL GET HTTP/2
log.pinterest.com/?type=pidget&guid=ppwiJFob4Bvm&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Falmoslataan.com%2F
IP
151.101.64.84:443
ASN
#54113 FASTLY

Requested by
https://almoslataan.com/
Certificate
IssuerDigiCert Inc
Subject*.pinterest.com
Fingerprint4D:02:6D:A8:DF:FA:2E:1C:D3:43:46:EF:CF:92:F1:7A:41:8F:BA:0B
ValidityMon, 31 Jul 2023 00:00:00 GMT - Wed, 07 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?type=pidget&guid=ppwiJFob4Bvm&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Falmoslataan.com%2F HTTP/1.1
Host: log.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-envoy-upstream-service-time: 2
server: envoy
x-pinterest-rid: 1524542600267800
accept-ranges: bytes
date: Mon, 28 Aug 2023 05:29:23 GMT
via: 1.1 varnish
x-served-by: cache-bma1668-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1693200563.308402,VS0,VE42
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
content-length: 0
X-Firefox-Spdy: h2

almoslataan.com/favicon.ico

0.0.0.0

0 B

URL GET
almoslataan.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://almoslataan.com/
Certificate
IssuerLet's Encrypt
Subjectalmoslataan.com
FingerprintBD:1A:10:DC:EC:00:DA:34:7B:E0:13:16:B0:C3:9A:B1:74:40:38:25
ValiditySat, 26 Aug 2023 22:44:53 GMT - Fri, 24 Nov 2023 22:44:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: almoslataan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almoslataan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by