Report - cdntechone.com/r.html?axcid=b11df4a5-b02c-4bff-b483-c91f3b797763&axtsid=direct-link/&axaffid=82f5721cb5884d0edf7b84b3cce58475&clid=a22ac7v4pb4zwblcdb&axfu=https://sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v&click_id={clid}&source_id={axtsid}&pub_id_hash={axaffid}&axft=2&r=https://jorttiuyng.com/link?z=5639245&var={axaffid}&ymid={clid}

Report Overview

Submitted URL
cdntechone.com/r.html?axcid=b11df4a5-b02c-4bff-b483-c91f3b797763&axtsid=direct-link/&axaffid=82f5721cb5884d0edf7b84b3cce58475&clid=a22ac7v4pb4zwblcdb&axfu=https://sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v&click_id={clid}&source_id={axtsid}&pub_id_hash={axaffid}&axft=2&r=https://jorttiuyng.com/link?z=5639245&var={axaffid}&ymid={clid}
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-06 03:05:09
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-05	330 B	963 B	104.18.14.101
datatechonert.com	46154	2021-12-24	2021-12-24	2023-06-05	532 B	482 B	37.48.68.71
sweetbird.net	unknown	2022-02-10	2019-12-09	2023-06-03	538 B	561 B	34.192.29.125
6.lands.ninja	unknown	2021-06-16	2021-09-08	2023-06-05	2.5 kB	36 kB	52.3.131.13
us.wenga.xyz	unknown	2022-11-29	2023-02-04	2023-05-31	940 B	443 B	38.100.129.135

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-06 03:04:54	medium	38.100.129.135	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)
2023-06-06 03:04:55	medium	38.100.129.135	Client IP	ET HUNTING Observed Let's Encrypt Certificate for Suspicious TLD (.xyz)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33	14 kB	2023-03-26	2024-03-19
Pretty URL 6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33 IP 52.3.131.13 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 07:30:32 Last Seen2024-03-19 05:00:42 Times Seen1061 Hash d9399ffec754a2bdbbf4bfd2b785be4d e67963687ee1a80f7f2500d8223d601d145a97cc a5d43d7214a29ae16f5bbefc716c73d76760cdd93d30e8170fc842bdf3be2734 Loading...

	6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO	1.1 kB	2023-03-26	2024-03-19
Pretty URL 6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO IP 52.3.131.13 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 07:30:32 Last Seen2024-03-19 05:00:42 Times Seen540 Hash 3dec08a0b944e1a0292206c7929683e4 764b68b52c5178319a69f525ea01bfbbfdd88817 e76ea3d0480f1a3e11a7ad6e6208bef31cdaf383101e4b50cef0d68741cfa104 Loading...

	6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO	792 B	2023-04-12	2024-03-19
Pretty URL 6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO IP 52.3.131.13 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-12 10:45:59 Last Seen2024-03-19 05:00:42 Times Seen538 Hash 849ac45f7eaa6ae287f8e0e73ed9dc10 66e73a820e458d0fe5dd7b7b58559e6ea2e4c668 a8706921d4d281e311fd1eb26ec6882e6e5624d2133cd69532f24f3be094ab60 Loading...

HTTP Transactions (10)

	URL	IP	Response	Size
	ocsp.sectigo.com/	104.18.14.101		471 B
URL ocsp.sectigo.com/ IP 104.18.14.101:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash b1f65a0380152ed39bc45d4942698ea2 77e679c94d1479f3df377624acc494cdeab57bb1 7740c8dd1e4f0821e5c244ba33b896067be902d2ab45cefc9f56c8a2555df81a HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 06 Jun 2023 03:04:53 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Sun, 04 Jun 2023 17:19:56 GMT Expires: Sun, 11 Jun 2023 17:19:55 GMT Etag: "77e679c94d1479f3df377624acc494cdeab57bb1" Cache-Control: max-age=484152,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 7d2d6e34081ab4ff-OSL`

	datatechonert.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763	37.48.68.71		12 B
URL datatechonert.com/log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763 IP 37.48.68.71:0 ASN #60781 LeaseWeb Netherlands B.V. File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed HTTP Headers POST /log/add?cid=b11df4a5-b02c-4bff-b483-c91f3b797763 HTTP/1.1 Host: datatechonert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1674 Origin: https://cdntechone.com DNT: 1 Connection: keep-alive Referer: https://cdntechone.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Server: nginx/1.19.10 Date: Tue, 06 Jun 2023 03:04:53 GMT Content-Type: application/json; charset=utf-8 Content-Length: 12 Connection: keep-alive Access-Control-Allow-Origin: https://cdntechone.com Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Access-Control-Allow-Credentials: true`

	sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v	34.192.29.125	302 Found	0 B
URL User Request GET HTTP/1.1 sweetbird.net/click.php?key=97xwtzyoopcwl3bwxl6v IP 34.192.29.125:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subjectsweetbird.net Fingerprint3E:E0:45:F6:85:42:86:58:D1:24:31:89:EA:EC:D1:70:D6:68:D1:F6 ValidityFri, 07 Apr 2023 02:08:41 GMT - Thu, 06 Jul 2023 02:08:40 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click.php?key=97xwtzyoopcwl3bwxl6v HTTP/1.1 Host: sweetbird.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cdntechone.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Server: nginx/1.20.2 Date: Tue, 06 Jun 2023 03:04:53 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: uclick=7v4pb4sy3y; expires=Wed, 07-Jun-2023 03:04:53 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=7v4pb4sy3y-7v4pb4sy3y-3zbl-0-m70-oj7v-oj8r-385bca; expires=Wed, 07-Jun-2023 03:04:53 GMT; Max-Age=86400; path=/; secure; SameSite=none Location: https://6.lands.ninja?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Strict-Transport-Security: max-age=31536000

	6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO	52.3.131.13	200 OK	7.0 kB
URL User Request GET HTTP/2 6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO IP 52.3.131.13:443 ASN #14618 AMAZON-AES Certificate IssuerLet's Encrypt Subject1.lands.ninja Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71 ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6123) Size 7.0 kB (7042 bytes) Hash 6dba10eaa7d891abc4076f2d55b81bf4 947e81d5a95fbf94eb534175ae786b762655465f 878f02475c307854cc5ffd7e212b09f67f26e22c4446bb1e556f712f96de6ba1 HTTP Headers GET /?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO HTTP/1.1 Host: 6.lands.ninja User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://cdntechone.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK last-modified: Mon, 20 Feb 2023 18:23:51 GMT etag: "34b3-5f525c3cadbc0-gzip" accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-length: 7042 content-type: text/html date: Tue, 06 Jun 2023 03:04:53 GMT server: Apache X-Firefox-Spdy: h2`

	6.lands.ninja/img/man.png	52.3.131.13	200 OK	11 kB
URL GET HTTP/2 6.lands.ninja/img/man.png IP 52.3.131.13:443 ASN #14618 AMAZON-AES Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Certificate IssuerLet's Encrypt Subject1.lands.ninja Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71 ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data Size 11 kB (10591 bytes) Hash a6fa8154cc36da494df7b5103329c15a 3a2310088bcec14f7c0187f8409a5af5395665e8 967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837 HTTP Headers `GET /img/man.png HTTP/1.1 Host: 6.lands.ninja User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK last-modified: Fri, 19 Aug 2022 17:54:25 GMT etag: "295f-5e69bc9e37640" accept-ranges: bytes content-length: 10591 content-type: image/png date: Tue, 06 Jun 2023 03:04:54 GMT server: Apache X-Firefox-Spdy: h2`

	6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33	52.3.131.13	200 OK	5.1 kB
URL GET HTTP/2 6.lands.ninja/rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33 IP 52.3.131.13:443 ASN #14618 AMAZON-AES Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Certificate IssuerLet's Encrypt Subject1.lands.ninja Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71 ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT File type ASCII text, with very long lines (14442), with no line terminators Size 5.1 kB (5108 bytes) Hash d9399ffec754a2bdbbf4bfd2b785be4d e67963687ee1a80f7f2500d8223d601d145a97cc a5d43d7214a29ae16f5bbefc716c73d76760cdd93d30e8170fc842bdf3be2734 HTTP Headers `GET /rp-cl-rd-ob.js?pubid=775186&siteid=312014&niche=33 HTTP/1.1 Host: 6.lands.ninja User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK last-modified: Mon, 27 Feb 2023 13:57:14 GMT etag: "386a-5f5aedb2fa280-gzip" accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip content-length: 5108 content-type: text/javascript date: Tue, 06 Jun 2023 03:04:54 GMT server: Apache X-Firefox-Spdy: h2`

	6.lands.ninja/img/logo.png	52.3.131.13	200 OK	1.1 kB
URL GET HTTP/2 6.lands.ninja/img/logo.png IP 52.3.131.13:443 ASN #14618 AMAZON-AES Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Certificate IssuerLet's Encrypt Subject1.lands.ninja Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71 ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data Size 1.1 kB (1061 bytes) Hash d708fbf0358752a082f5a394b74adda8 231c1527b4b039eb3af7d7e9eb5587ed87f6ea81 09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5 HTTP Headers `GET /img/logo.png HTTP/1.1 Host: 6.lands.ninja User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK last-modified: Fri, 19 Aug 2022 17:54:24 GMT etag: "425-5e69bc9d43400" accept-ranges: bytes content-length: 1061 content-type: image/png date: Tue, 06 Jun 2023 03:04:54 GMT server: Apache X-Firefox-Spdy: h2`

	6.lands.ninja/img/bot.png	52.3.131.13	200 OK	11 kB
URL GET HTTP/2 6.lands.ninja/img/bot.png IP 52.3.131.13:443 ASN #14618 AMAZON-AES Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Certificate IssuerLet's Encrypt Subject1.lands.ninja Fingerprint39:07:A3:BB:C0:77:C1:18:45:3D:8C:83:18:33:3C:DD:63:73:F7:71 ValidityTue, 18 Apr 2023 03:03:46 GMT - Mon, 17 Jul 2023 03:03:45 GMT File type PNG image data, 260 x 260, 8-bit colormap, non-interlaced\012- data Size 11 kB (11043 bytes) Hash ca1f4de0ad1d4fad72d299a6411e6959 c9f6d409f09264a34ee8bac4265233c56c280d1a f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f HTTP Headers `GET /img/bot.png HTTP/1.1 Host: 6.lands.ninja User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK last-modified: Fri, 19 Aug 2022 17:54:24 GMT etag: "2b23-5e69bc9d43400" accept-ranges: bytes content-length: 11043 content-type: image/png date: Tue, 06 Jun 2023 03:04:54 GMT server: Apache X-Firefox-Spdy: h2`

	us.wenga.xyz/pb/st	38.100.129.135	200 OK	34 B
URL GET HTTP/2 us.wenga.xyz/pb/st IP 38.100.129.135:443 ASN #174 COGENT-174 Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Certificate IssuerLet's Encrypt Subject.wenga.xyz Fingerprint96:D4:49:AC:4D:4B:8E:B0:1A:16:E6:92:EC:4F:92:42:70:65:3B:CB ValiditySun, 28 May 2023 23:08:36 GMT - Sat, 26 Aug 2023 23:08:35 GMT File type ASCII text, with no line terminators Size 34 B (34 bytes) Hash 027d3b7eb224476eeeef5fb4603d52ad d8413242296f1eee3a3c40ff6e28f2211ac778da 6f9d4356870080ec8ace58f54cc9b6d006577cf9d192f5075d715db16a3f767a HTTP Headers `GET /pb/st HTTP/1.1 Host: us.wenga.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://6.lands.ninja/ Origin: https://6.lands.ninja DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: openresty/1.15.8.3 date: Tue, 06 Jun 2023 03:04:55 GMT content-type: text/html;charset=UTF-8 content-length: 34 access-control-allow-origin: https://6.lands.ninja access-control-allow-credentials: true X-Firefox-Spdy: h2`

	us.wenga.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://us.wenga.xyz/pb/st	38.100.129.135	200 OK	0 B
URL GET HTTP/2 us.wenga.xyz/pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://us.wenga.xyz/pb/st IP 38.100.129.135:443 ASN #174 COGENT-174 Requested by https://6.lands.ninja/?q=150da7v4pb4sy3y3c5&s=Unknown&var=Unknown&geo=NO Certificate IssuerLet's Encrypt Subject.wenga.xyz Fingerprint96:D4:49:AC:4D:4B:8E:B0:1A:16:E6:92:EC:4F:92:42:70:65:3B:CB ValiditySun, 28 May 2023 23:08:36 GMT - Sat, 26 Aug 2023 23:08:35 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /pb/st?sctp=content-locker&m=ht&pid=775186&sid=312014&dm=6.lands.ninja&c1=https&c2=1&c3=https://us.wenga.xyz/pb/st HTTP/1.1 Host: us.wenga.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://6.lands.ninja/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: openresty/1.15.8.3 date: Tue, 06 Jun 2023 03:04:55 GMT content-type: text/html;charset=UTF-8 content-length: 0 X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP