Report - www.wealthinfo.life/

Report Overview

Visited public
2023-09-28 09:35:15
Tags
Submit Tags
URL
www.wealthinfo.life/
Finishing URL
www.wealthinfo.life/
IP / ASN
198.54.117.211
#22612 NAMECHEAP-NET
Title
wealthinfo.life - Registered at Namecheap.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.wealthinfo.life	unknown	2023-04-21	2023-08-07 14:19:49	2023-08-07 14:19:49	745 B	2.2 kB	198.54.117.211
i.cdnpark.com	93792	2011-11-09	2014-04-23 00:29:22	2019-03-24 18:17:58	1.5 kB	2.1 kB	143.204.55.68
parkingcrew.net	54699	2011-01-24	2013-04-19 03:41:17	2019-03-28 08:53:22	385 B	238 B	185.53.179.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-28 09:34:58	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-09-28 09:34:58	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-09-28 09:35:00	medium	Client IP	198.54.117.211	ET INFO HTTP Request to Suspicious *.life Domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-28	medium	wealthinfo.life	Sinkholed
2023-09-28	medium	wealthinfo.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	www.wealthinfo.life/	ScriptElement	0 B	0001-01-01	2025-07-03
Pretty URL www.wealthinfo.life/ IP 198.54.117.211 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-03 07:12 Times Seen5256870 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.wealthinfo.life/	ScriptElement	0 B	0001-01-01	2025-07-03
Pretty URL www.wealthinfo.life/ IP 198.54.117.211 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-03 07:12 Times Seen5256870 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.wealthinfo.life/	ScriptElement	0 B	0001-01-01	2025-07-03
Pretty URL www.wealthinfo.life/ IP 198.54.117.211 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-03 07:12 Times Seen5256870 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - db4abe8011c486a449a3e82a6cdc3a99	141 B	2024-08-21 05:37	2024-08-21 05:37
Pretty Observations First Seen2024-08-21 05:37 Last Seen2024-08-21 05:37 Times Seen1 Hash db4abe8011c486a449a3e82a6cdc3a99 b3792057505751cc7316b6b19e1f1f2537264740 cbef375ba97a7a0f564974c3bc682d45f37af41c40a04cee42c09e592f953a80 Loading...

HTTP Transactions (7)

URL IP Response Size

GET www.wealthinfo.life/

198.54.117.211

1.9 kB

URL User Request GET
www.wealthinfo.life/
IP
198.54.117.211:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (319), with CRLF line terminators
Size
1.9 kB (1930 bytes)
Hash
902f098f5f2eac4160cbc97a1c131204
47b26f3014d18773695c075d2792652d12a6eb16
da9f83adc9e48cf02fe4bec5c059be7ca58352d76e4618676f4d6461186c166d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to Suspicious *.life Domain

HTTP Headers

GET / HTTP/1.1
Host: www.wealthinfo.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Sep 2023 09:35:00 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Server: namecheap-nginx
X-CST: MISS, HIT
Allow: GET, HEAD
Content-Encoding: gzip

GET i.cdnpark.com/themes/assets/style.css

143.204.55.68

200 OK

359 B

URL GET HTTP/1.1
i.cdnpark.com/themes/assets/style.css
IP
143.204.55.68:80
ASN
#16509 AMAZON-02

Requested by
http://www.wealthinfo.life/

File type
ASCII text
Size
359 B (359 bytes)
Hash
e42aacc9e34f351a935e6e83f2cb4a05
539587b5cb2e9383fbf115c0f7f99406079341f9
9cb157f272caecfbd484a0e3b6a8e2f7821e78c6422653ef83530ed9f73b607b

HTTP Headers

GET /themes/assets/style.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.wealthinfo.life/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 28 Nov 2022 10:41:35 GMT
Content-Encoding: gzip
Date: Thu, 28 Sep 2023 07:01:37 GMT
ETag: W/"6384905f-37c"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XCOVBGRVO91fthADxVXud5Eqyt461-desbGLx5ie4Qs2PwMGQCdoXQ==
Age: 9409

GET i.cdnpark.com/themes/registrar/style_namecheap.css

143.204.55.68

412 Precondition Failed

35 B

URL GET HTTP/1.1
i.cdnpark.com/themes/registrar/style_namecheap.css
IP
143.204.55.68:80
ASN
#16509 AMAZON-02

Requested by
http://www.wealthinfo.life/

File type
ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
7ebb535e2d55ed28492aaf67ab35aaa3
fc2bc209e2a4b8b11c38f34174f7496c04f8ed36
ac75abc43e7355185abad70f5fafabca40e4d7608f5b8d1ac4a5f97a064af619

HTTP Headers

GET /themes/registrar/style_namecheap.css HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.wealthinfo.life/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 412 Precondition Failed
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 28 Sep 2023 09:35:00 GMT
X-Error: Domain unknown
X-Cache: Error from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9T5vNp0Ar7UEKY7SIufHYahQZhqQpftqqTmM6GgLPw19fMgm1DRytw==

GET i.cdnpark.com/themes/registrar/images/logo_namecheap.png

143.204.55.68

412 Precondition Failed

35 B

URL GET HTTP/1.1
i.cdnpark.com/themes/registrar/images/logo_namecheap.png
IP
143.204.55.68:80
ASN
#16509 AMAZON-02

Requested by
http://www.wealthinfo.life/

File type
ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
7ebb535e2d55ed28492aaf67ab35aaa3
fc2bc209e2a4b8b11c38f34174f7496c04f8ed36
ac75abc43e7355185abad70f5fafabca40e4d7608f5b8d1ac4a5f97a064af619

HTTP Headers

GET /themes/registrar/images/logo_namecheap.png HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.wealthinfo.life/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 412 Precondition Failed
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 28 Sep 2023 09:35:00 GMT
X-Error: Domain unknown
X-Cache: Error from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NzsQPYe9u-ohwuc9xnc9HA04wylNFlCQsXp4g7t5owWG7lUFm1e2bg==

GET parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.wealthinfo.life&_t=1695893700755

185.53.179.29

412 Precondition Failed

35 B

URL GET HTTP/1.1
parkingcrew.net/jsparkcaf.php?regcn=243142&_v=2&_h=www.wealthinfo.life&_t=1695893700755
IP
185.53.179.29:80
ASN
#61969 Team Internet AG

Requested by
http://www.wealthinfo.life/

File type
ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
7ebb535e2d55ed28492aaf67ab35aaa3
fc2bc209e2a4b8b11c38f34174f7496c04f8ed36
ac75abc43e7355185abad70f5fafabca40e4d7608f5b8d1ac4a5f97a064af619

HTTP Headers

GET /jsparkcaf.php?regcn=243142&_v=2&_h=www.wealthinfo.life&_t=1695893700755 HTTP/1.1
Host: parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.wealthinfo.life/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 412 Precondition Failed
Server: nginx
Date: Thu, 28 Sep 2023 09:35:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Error: Domain unknown

GET i.cdnpark.com/themes/registrar/images/logo_namecheap.png

143.204.55.68

412 Precondition Failed

35 B

URL GET HTTP/1.1
i.cdnpark.com/themes/registrar/images/logo_namecheap.png
IP
143.204.55.68:80
ASN
#16509 AMAZON-02

Requested by
http://www.wealthinfo.life/

File type
ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
7ebb535e2d55ed28492aaf67ab35aaa3
fc2bc209e2a4b8b11c38f34174f7496c04f8ed36
ac75abc43e7355185abad70f5fafabca40e4d7608f5b8d1ac4a5f97a064af619

HTTP Headers

GET /themes/registrar/images/logo_namecheap.png HTTP/1.1
Host: i.cdnpark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.wealthinfo.life/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 412 Precondition Failed
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Thu, 28 Sep 2023 09:35:00 GMT
X-Error: Domain unknown
X-Cache: Error from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qp7FwDKJjJUH5S4zJ4s2SmiY3XpgBNGMZoq3UQcSt_jm5_FR6-G9lw==

GET www.wealthinfo.life/favicon.ico

0.0.0.0

0 B

URL GET
www.wealthinfo.life/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.wealthinfo.life/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.wealthinfo.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.wealthinfo.life/
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (7)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN