| ardschatota.com/Attention_files/new_free.svg | 139.45.197.161 | 200 OK | 1.5 kB |
URL GET HTTP/2ardschatota.com/Attention_files/new_free.svg IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeSVG Scalable Vector Graphics image Hashadd28f2b5b2a568a5d5b49bd7b40ec03 66ad7a5ce73b4f84f2f54e5e6150cd5cc923d25e 89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Attention_files/new_free.svg HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: image/svg+xml
content-length: 1545
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
etag: W/"609-18bf6d1f1e0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ardschatota.com/Attention_files/loading.svg | 139.45.197.161 | 200 OK | 386 B |
URL GET HTTP/2ardschatota.com/Attention_files/loading.svg IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeSVG Scalable Vector Graphics image Hash484f8bcb59050331f28ec35ae84c3ef0 e083f687af91382e8485515369daffde1899a12a d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Attention_files/loading.svg HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: image/svg+xml
content-length: 386
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
etag: W/"182-18bf6d1f1e0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| phicmune.net/zone?&pub=0&zone_id=6601407&is_mobile=false&domain=ardschatota.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c9d369f9-4302-47f9-87fa-17a195e8a2ff&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2phicmune.net/zone?&pub=0&zone_id=6601407&is_mobile=false&domain=ardschatota.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c9d369f9-4302-47f9-87fa-17a195e8a2ff&action=prerequest IP139.45.197.251:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectphicmune.net Fingerprint7D:75:9F:1D:2C:1C:0C:44:61:C8:BD:B5:3C:45:F7:13:B3:08:B6:8F ValidityMon, 29 Apr 2024 05:12:14 GMT - Sun, 28 Jul 2024 05:12:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=6601407&is_mobile=false&domain=ardschatota.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c9d369f9-4302-47f9-87fa-17a195e8a2ff&action=prerequest HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ardschatota.com
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-length: 0
x-trace-id: 1edc6f1096615758db36b16a687ae08d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ardschatota.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 273
Origin: https://ardschatota.com
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c5175d9cbf87d356571ccc21d2a8066d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ardschatota.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 275
Origin: https://ardschatota.com
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1e4059baf934a73c3059bc4e952d832a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ardschatota.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP139.45.197.251:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectjouteetu.net FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 276
Origin: https://ardschatota.com
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 145754585cf27a0d9101a3bd4f564100
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ardschatota.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ardschatota.com/
Origin: https://ardschatota.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://ardschatota.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashaff4fc6f05c9aa1f0766681a73a5ff6c 7301c16c76309e53f658f08ef7221ea29d9a5f12 323f7f8b9cc3eea484a4cf80a388266ede6595ebf4afd915fcdce0b76b330c74
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ardschatota.com/
Content-Type: application/json
Content-Length: 790
Origin: https://ardschatota.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ardschatota.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| confirm.95urbehxy2dh.top/eb430691fe30d16070b5a144c3d3303c/3295c76acbf4caaed33c36b1b5fc2cb1/assets/fav.png | 64.190.63.222 | 441 No Reason Phrase | 0 B |
URL GET HTTP/2confirm.95urbehxy2dh.top/eb430691fe30d16070b5a144c3d3303c/3295c76acbf4caaed33c36b1b5fc2cb1/assets/fav.png IP64.190.63.222:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerDigiCert Inc Subjectconfirm.95urbehxy2dh.top Fingerprint19:7D:69:2A:EC:32:A3:53:96:45:32:4D:E9:D7:12:49:E0:DC:BF:2E ValidityFri, 17 Nov 2023 00:00:00 GMT - Sun, 17 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eb430691fe30d16070b5a144c3d3303c/3295c76acbf4caaed33c36b1b5fc2cb1/assets/fav.png HTTP/1.1
Host: confirm.95urbehxy2dh.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 441 No Reason Phrase
date: Thu, 02 May 2024 21:53:13 GMT
server: NginX
content-length: 0
X-Firefox-Spdy: h2
|
|
| ardschatota.com/w/k7h2u8uplsc | 139.45.197.161 | 200 OK | 7 B |
URL GET HTTP/2ardschatota.com/w/k7h2u8uplsc IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeASCII text, with no line terminators Hash070a0fb40f6c308ab544b227660aadff 6ec6121cd150a73105f36a36219f4e978fe2e3dc ab5b50c3846ccfef52997e6e153b187022cde34b543019aa4feaf1f732feff50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /w/k7h2u8uplsc HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:23 GMT
content-type: text/html; charset=utf-8
content-length: 7
etag: W/"7-bsYSHNFQpzEF82o2IZ9Ol4/i49w"
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ardschatota.com/w/k7h2u8uplsc | 139.45.197.161 | 200 OK | 7 B |
URL GET HTTP/2ardschatota.com/w/k7h2u8uplsc IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeASCII text, with no line terminators Hash070a0fb40f6c308ab544b227660aadff 6ec6121cd150a73105f36a36219f4e978fe2e3dc ab5b50c3846ccfef52997e6e153b187022cde34b543019aa4feaf1f732feff50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /w/k7h2u8uplsc HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:34 GMT
content-type: text/html; charset=utf-8
content-length: 7
etag: W/"7-bsYSHNFQpzEF82o2IZ9Ol4/i49w"
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ardschatota.com/?t=0&ymid=809658644890128385 | 139.45.197.161 | 200 OK | 21 kB |
URL User Request GET HTTP/2ardschatota.com/?t=0&ymid=809658644890128385 IP139.45.197.161:443
CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeHTML document, ASCII text, with very long lines (1947) Hash98802378ad12e0ef0d31fb7d5aec5768 06f6c6b4c67d74646f1954a083f87966e6b1c145 2b8347db0ad54c0556e54bd9eb35489331873bfabb9660d664aca5777e408d27
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?t=0&ymid=809658644890128385 HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
etag: W/"5176-18bf6d1f1e0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ardschatota.com/Attention_files/animate.css | 139.45.197.161 | 200 OK | 79 kB |
URL GET HTTP/2ardschatota.com/Attention_files/animate.css IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
Hash97d64faca1f1a0422ecf3ae998026899 61bc4cbfc9fc6e0db503aa67ba92c7c768a4c7e1 d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /Attention_files/animate.css HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
etag: W/"1361f-18bf6d1f1e0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ardschatota.com/micro.js?zoneId=6601407 | 139.45.197.161 | 200 OK | 565 B |
URL GET HTTP/2ardschatota.com/micro.js?zoneId=6601407 IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeASCII text, with very long lines (603), with no line terminators Hash1a7ce55ba307fd867d407e12abd5d757 d2e790d56a6b5095109fdb76d144d6658be01d94 cc91505afaa4fb5fbfdf3ae4b2ee06faa75e694f04dfdeb541422e51d06ce61c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /micro.js?zoneId=6601407 HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
etag: W/"235-18bf6d1f1e0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ardschatota.com/qrcode.js | 139.45.197.161 | 200 OK | 33 kB |
URL GET HTTP/2ardschatota.com/qrcode.js IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /qrcode.js HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0
last-modified: Wed, 22 Nov 2023 11:37:16 GMT
etag: W/"80f0-18bf6d1f1e0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|
| phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js | 139.45.197.251 | 200 OK | 37 kB |
URL GET HTTP/2phicmune.net/pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js IP139.45.197.251:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectphicmune.net Fingerprint7D:75:9F:1D:2C:1C:0C:44:61:C8:BD:B5:3C:45:F7:13:B3:08:B6:8F ValidityMon, 29 Apr 2024 05:12:14 GMT - Sun, 28 Jul 2024 05:12:13 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
GET /pfe/current/micro.tag.min.js?z=6601407&sw=/micro.js HTTP/1.1
Host: phicmune.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ardschatota.com/assets/bg.gif | 139.45.197.161 | 404 Not Found | 152 B |
URL GET HTTP/2ardschatota.com/assets/bg.gif IP139.45.197.161:443
Requested byhttps://ardschatota.com/?t=0&ymid=809658644890128385 CertificateIssuerLet's Encrypt Subjectardschatota.com FingerprintA8:51:69:A5:01:4A:8C:EB:05:F1:E9:82:CC:E2:21:39:72:C0:F4:87 ValidityMon, 15 Apr 2024 18:57:20 GMT - Sun, 14 Jul 2024 18:57:19 GMT
File typeHTML document, ASCII text, with no line terminators Hash375afe6444f4427295df0fa85a067d8e b869ccd897bdeddc61d7f465c1ea181b6d00d65d 7ae09b8b6dbec7ad3c39aa07bff02370472ec12ae8acd2a897f3980a624acccd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/bg.gif HTTP/1.1
Host: ardschatota.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ardschatota.com/?t=0&ymid=809658644890128385
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Thu, 02 May 2024 21:53:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
|
|