Overview

URL: itsnotonthetest.com/2012/06/
IP: 206.237.197.175 (United States)
ASN: #398823 PEGTECHINC-AP-02
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Access: public
Report completed: 2023-05-26 14:59:43 UTC
IDS alerts: 0
Blocklist alert: 4
urlquery alerts: No alerts detected
Tags: None

Domain Summary (2)

Fully Qualifying Domain Name | Rank | First Seen | Last Seen | Sent bytes | Received bytes | IP | Comment
itsnotonthetest.com (2) | 0 | 2014-10-30 16:07:04 | 2023-05-23 18:55:49 | 672 | 407 | 206.237.197.175 |
www.itsnotonthetest.com (2) | 0 | 2014-12-31 06:02:48 | 2023-05-23 18:55:48 | 775 | 770 | 206.237.197.175 |

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date | Severity | Indicator | Comment
2023-05-26 | medium | itsnotonthetest.com/ | Phishing
2023-05-26 | medium | www.itsnotonthetest.com/index.php | Phishing
2023-05-26 | medium | itsnotonthetest.com/2012/06/ | Phishing
2023-05-26 | medium | www.itsnotonthetest.com/2012/06/ | Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 206.237.197.175
Date | UQ / IDS / BL | URL | IP
2023-05-27 20:09:50 UTC | 0 - 0 - 4 | www.itsnotonthetest.com/tag/alec-baldwin | 206.237.197.175
2023-05-26 17:39:35 UTC | 0 - 0 - 4 | www.itsnotonthetest.com/screen-shot-2012-04-1 (...) | 206.237.197.175
2023-05-26 14:59:43 UTC | 0 - 0 - 4 | itsnotonthetest.com/2012/06/ | 206.237.197.175
2023-05-24 12:25:41 UTC | 0 - 0 - 4 | www.itsnotonthetest.com/tag/books | 206.237.197.175
2023-05-23 23:26:52 UTC | 0 - 0 - 4 | itsnotonthetest.com/tag/tom-cruise/ | 206.237.197.175


Last 5 reports on ASN: PEGTECHINC-AP-02
Date | UQ / IDS / BL | URL | IP
2023-06-02 10:58:37 UTC | 0 - 1 - 0 | freedownloandcloudspace.freecloudspace.top/FR (...) | 107.148.147.122
2023-06-01 13:33:43 UTC | 0 - 1 - 0 | www.99uux.com/d/%E6%97%A5%E5%B8%B8%E5%8A%A9%E (...) | 107.148.133.96
2023-06-01 13:20:01 UTC | 0 - 6 - 31 | www.nanweidsr.com/%E5%8A%A8%E6%80%81%E8%AF%84 (...) | 38.40.241.47
2023-06-01 08:11:10 UTC | 0 - 1 - 0 | www.surinametourism.net/index.php?id=47&Itemi (...) | 38.40.241.149
2023-05-31 08:55:04 UTC | 0 - 1 - 0 | www.jovetech.com/www.jovetech.com/down/YST/B/ (...) | 107.148.144.26


Last 5 reports on domain: itsnotonthetest.com
Date | UQ / IDS / BL | URL | IP
2023-05-27 20:09:50 UTC | 0 - 0 - 4 | www.itsnotonthetest.com/tag/alec-baldwin | 206.237.197.175
2023-05-26 17:39:35 UTC | 0 - 0 - 4 | www.itsnotonthetest.com/screen-shot-2012-04-1 (...) | 206.237.197.175
2023-05-26 14:59:43 UTC | 0 - 0 - 4 | itsnotonthetest.com/2012/06/ | 206.237.197.175
2023-05-24 12:25:41 UTC | 0 - 0 - 4 | www.itsnotonthetest.com/tag/books | 206.237.197.175
2023-05-23 23:26:52 UTC | 0 - 0 - 4 | itsnotonthetest.com/tag/tom-cruise/ | 206.237.197.175


Last 5 reports with similar screenshot
Date | UQ / IDS / BL | URL | IP
2023-06-04 01:58:01 UTC | 0 - 2 - 0 | f0443446.xsph.ru/ | 141.8.197.42
2023-06-04 01:52:24 UTC | 3 - 1 - 4 | vojyqem.com/MWcXZ/login.php/ | 167.99.35.88
2023-06-04 01:52:12 UTC | 3 - 1 - 4 | vojyqem.com/MWcXZ/login.php | 167.99.35.88
2023-06-04 01:52:05 UTC | 3 - 1 - 4 | vojyqem.com/TLepZ/MWcXZ/login.php/ | 167.99.35.88
2023-06-04 01:51:20 UTC | 3 - 1 - 4 | vojyqem.com/TLepZ/MWcXZ/login.php | 167.99.35.88

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (4)


Request Response

GET / HTTP/1.1
Host: itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

206.237.197.175
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Server: nginx
Date: Fri, 26 May 2023 14:59:31 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.itsnotonthetest.com/index.php


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - fortinet: Phishing

GET /index.php HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

206.237.197.175
HTTP/1.1 200 OK
Content-Type: text/html
Server: nginx
Date: Fri, 26 May 2023 14:59:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (510), with CRLF line terminators
Size:   577
Md5:    af8cf413e8222c364ed5a37215a0117f
Sha1:   d4e17ea27a16552e366b8f9798e14b501f54123e
Sha256: cdab5b6dbc6fbbcf53775bb2c8f4f5aad05bf6e397e9cf4e06e2d6a49363b632

Blocklists:
  - fortinet: Phishing

GET /2012/06/ HTTP/1.1
Host: itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

206.237.197.175
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Server: nginx
Date: Fri, 26 May 2023 14:59:32 GMT
Content-Length: 0
Connection: keep-alive
Location: http://www.itsnotonthetest.com/2012/06/


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - fortinet: Phishing

GET /2012/06/ HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Blocklists:
  - fortinet: Phishing