| steamcomunutty.com/e006cd828d8f03c605a243a874ba8cac/c3RhZW1jb21tdW5udXR0eS5jb20=/aHR0cDovL3N0ZWFtY29tdW51dHR5LmNvbS9naWZ0 |  185.216.71.150 | 302 Found | 104 B |
URL User Request GET HTTP/2steamcomunutty.com/e006cd828d8f03c605a243a874ba8cac/c3RhZW1jb21tdW5udXR0eS5jb20=/aHR0cDovL3N0ZWFtY29tdW51dHR5LmNvbS9naWZ0 IP185.216.71.150:443
CertificateIssuerLet's Encrypt Subjectsteamcomunutty.com Fingerprint9B:FD:91:55:AC:31:B9:6B:0B:BB:8C:55:7B:CE:BA:4D:A1:4C:3F:3B ValiditySun, 10 Nov 2024 11:01:30 GMT - Sat, 08 Feb 2025 11:01:29 GMT
File typeHTML document, ASCII text, with no line terminators Hash7ec15eabd897b49c6d6fe087511223b8 5a45020e20d5c0a927038b857eeae4ef2c690217 bf6cbc16b7fdf79edb8d1dd201435c87d3c5e1c79e404af3c7098be8a170968c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /e006cd828d8f03c605a243a874ba8cac/c3RhZW1jb21tdW5udXR0eS5jb20=/aHR0cDovL3N0ZWFtY29tdW51dHR5LmNvbS9naWZ0 HTTP/1.1
Host: steamcomunutty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
alt-svc: h3=":443"; ma=2592000
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Nov 2024 22:50:46 GMT
location: http://steamcomunutty.com/gift
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: Caddy
set-cookie: redirectedDomain=staemcommunnutty.com; Path=/; Expires=Thu, 21 Nov 2024 02:50:46 GMT; SameSite=Lax
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
content-length: 104
X-Firefox-Spdy: h2
|
URL User Request GET HTTP/2IP185.216.71.150:443
CertificateIssuerLet's Encrypt Subjectsteamcomunutty.com Fingerprint9B:FD:91:55:AC:31:B9:6B:0B:BB:8C:55:7B:CE:BA:4D:A1:4C:3F:3B ValiditySun, 10 Nov 2024 11:01:30 GMT - Sat, 08 Feb 2025 11:01:29 GMT
Hash6688d59f1d0b9e116ceca1708a113d0d d0078c573575a40a584cc92d4ccc5e8ae62aa948 cacc3c09d432702d237265c156358a0430dd08938afbceaf4a444d26340b25e8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /gift HTTP/1.1
Host: steamcomunutty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: redirectedDomain=staemcommunnutty.com
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
alt-svc: h3=":443"; ma=2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Nov 2024 22:50:47 GMT
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
X-Firefox-Spdy: h2
|
URL User Request GET HTTP/2IP185.216.71.150:443
CertificateIssuerLet's Encrypt Subjectsteamcomunutty.com Fingerprint9B:FD:91:55:AC:31:B9:6B:0B:BB:8C:55:7B:CE:BA:4D:A1:4C:3F:3B ValiditySun, 10 Nov 2024 11:01:30 GMT - Sat, 08 Feb 2025 11:01:29 GMT
Hash6688d59f1d0b9e116ceca1708a113d0d d0078c573575a40a584cc92d4ccc5e8ae62aa948 cacc3c09d432702d237265c156358a0430dd08938afbceaf4a444d26340b25e8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /gift HTTP/1.1
Host: steamcomunutty.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: redirectedDomain=staemcommunnutty.com
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
alt-svc: h3=":443"; ma=2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Nov 2024 22:50:47 GMT
etag: W/"41-0AeMVzV1pApYTMktTMxeiuYqqUg"
origin-agent-cluster: ?1
referrer-policy: no-referrer
server: Caddy
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0
X-Firefox-Spdy: h2
|