| dreamforgegenius.com/ww/ | 13.213.161.248 | 200 OK | 1.1 kB |
URL: User Request, GET HTTP/1.1 (dreamforgegenius.com/ww/); IP: 13.213.161.248:443
Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
File type: HTML document, ASCII text; Hash (MD5, SHA-1, SHA-256): 196f81187bd04ca3badc72a6ec005e2e 50a0c5d385d876c8ebc2e4234e611b3383f4eecd 16adc33a2826aa695ec1f17a878d47472bb52230a2f9a846b38ee31c17912dbf
GET /ww/ HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:44 GMT
Content-Type: text/html
Last-Modified: Thu, 18 Apr 2024 09:53:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6620ed92-c47"
Content-Encoding: gzip
| dreamforgegenius.com/ww/common.js?v=20230908 | 13.213.161.248 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 dreamforgegenius.com/ww/common.js?v=20230908; IP: 13.213.161.248:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
File type: JavaScript source, ASCII text; Hash (MD5, SHA-1, SHA-256): 4dc567b11ef20e55a9d7ce548ef66f8b 6a58f4e0587b9ebc86979180d63d10971039f986 2db4ac3036313ec3b8837d5120a627f0629812d3d2f696e530001ed9ef48046a
GET /ww/common.js?v=20230908 HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/ww/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:44 GMT
Content-Type: application/javascript
Content-Length: 2102
Last-Modified: Sat, 20 Apr 2024 22:54:56 GMT
Connection: keep-alive
ETag: "662447c0-836"
Accept-Ranges: bytes
| dreamforgegenius.com/ww/app.css?v=20230908 | 13.213.161.248 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 dreamforgegenius.com/ww/app.css?v=20230908; IP: 13.213.161.248:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
Hash (MD5, SHA-1, SHA-256): 20b575b0fb6f39b11a7a0f401fe37def 804658ce14c6983e0d1eb9695f401df1da9ae104 574646d1619d14f5d751ec9cdb5cafd661b58c2b463c0c0560477aafdbca15a7
GET /ww/app.css?v=20230908 HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/ww/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:44 GMT
Content-Type: text/css
Content-Length: 1242
Last-Modified: Thu, 18 Apr 2024 09:53:22 GMT
Connection: keep-alive
ETag: "6620ed92-4da"
Accept-Ranges: bytes
| kaichulazy.com/pfe/current/micro.tag.min.js?z=7373515&sw=/sw-check-permissions-eeadc.js | 139.45.197.250 | 200 OK | 15 kB |
URL: GET HTTP/2 kaichulazy.com/pfe/current/micro.tag.min.js?z=7373515&sw=/sw-check-permissions-eeadc.js; IP: 139.45.197.250:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject kaichulazy.com; Fingerprint 26:E2:83:75:E7:20:E7:49:4C:19:AB:26:85:B3:81:13:FB:B8:E4:96; Validity Mon, 15 Apr 2024 11:40:56 GMT - Sun, 14 Jul 2024 11:40:55 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators; Hash (MD5, SHA-1, SHA-256): 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=7373515&sw=/sw-check-permissions-eeadc.js HTTP/1.1
Host: kaichulazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject jouteetu.net; Fingerprint F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash (MD5, SHA-1, SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 258
Origin: https://dreamforgegenius.com
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 21dacba6aa06463de5e5c801cc4335a1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://dreamforgegenius.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject jouteetu.net; Fingerprint F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash (MD5, SHA-1, SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 260
Origin: https://dreamforgegenius.com
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d1b2b0f86e7f6cbe4497de26e32d7274
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://dreamforgegenius.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject jouteetu.net; Fingerprint F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash (MD5, SHA-1, SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 261
Origin: https://dreamforgegenius.com
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 1d62cc1eacbb1127098a8fd33616fc60
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://dreamforgegenius.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the hashes of an empty body, consistent with the 0 B response)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dreamforgegenius.com/
Origin: https://dreamforgegenius.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://dreamforgegenius.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash (MD5, SHA-1, SHA-256): 5eb30f27188d28c316ad33501470b63f 5069e437bf4d4967602403f76362c362a94ceca3 117c25ad1f1dadfae94b8e8a25b26d3ecd7e251beca531871d477ac03778a03c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dreamforgegenius.com/
Content-Type: application/json
Content-Length: 886
Origin: https://dreamforgegenius.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://dreamforgegenius.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| dreamforgegenius.com/favicon.ico | 13.213.161.248 | 404 Not Found | 123 B |
URL: GET HTTP/1.1 dreamforgegenius.com/favicon.ico; IP: 13.213.161.248:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
File type: HTML document, ASCII text, with CRLF line terminators; Hash (MD5, SHA-1, SHA-256): 1b7c22a214949975556626d7217e9a39 d01c97e2944166ed23e47e4a62ff471ab8fa031f 340c8464c2007ce3f80682e15dfafa4180b641d53c14201b929906b7b0284d87
GET /favicon.ico HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/ww/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
| dreamforgegenius.com/ww/logo.png | 13.213.161.248 | 200 OK | 126 kB |
URL: GET HTTP/1.1 dreamforgegenius.com/ww/logo.png; IP: 13.213.161.248:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
File type: PNG image data, 428 x 428, 8-bit/color RGBA, non-interlaced; Size: 126 kB (126328 bytes); Hash (MD5, SHA-1, SHA-256): 5508f73c1f4dc5da1e5ecbc51d89f790 d7dafcbfff27c8eeff43e0cebc1921e08bec5bdd 61f0bfd78db37ce5f34454f0b346017092b66d4007e3bbeac56b4c4917385e0c
GET /ww/logo.png HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/ww/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:45 GMT
Content-Type: image/png
Content-Length: 126328
Last-Modified: Thu, 18 Apr 2024 09:53:22 GMT
Connection: keep-alive
ETag: "6620ed92-1ed78"
Accept-Ranges: bytes
| dreamforgegenius.com/ww/Credit%20line.jpg | 13.213.161.248 | 200 OK | 527 kB |
URL: GET HTTP/1.1 dreamforgegenius.com/ww/Credit%20line.jpg; IP: 13.213.161.248:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x628, components 3; Size: 527 kB (526864 bytes); Hash (MD5, SHA-1, SHA-256): 0c54cdc4bfb284640751dc99685027cb d6fafd8d9e22404160daa1a7c70f8252b47d1e97 98a345c5b3db028c31e335bebfdec3e9afda82a88e2e63ca61dae2dadafb2b2e
GET /ww/Credit%20line.jpg HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/ww/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:45 GMT
Content-Type: image/jpeg
Content-Length: 526864
Last-Modified: Thu, 18 Apr 2024 09:53:22 GMT
Connection: keep-alive
ETag: "6620ed92-80a10"
Accept-Ranges: bytes
| dreamforgegenius.com/sw-check-permissions-eeadc.js?zoneId=7373515 | 13.213.161.248 | 200 OK | 570 B |
URL: GET HTTP/1.1 dreamforgegenius.com/sw-check-permissions-eeadc.js?zoneId=7373515; IP: 13.213.161.248:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject dreamforgegenius.com; Fingerprint 2D:97:D9:83:AE:DF:0E:EE:36:60:7C:09:70:A2:E5:43:83:0D:B8:50; Validity Thu, 18 Apr 2024 09:04:53 GMT - Wed, 17 Jul 2024 09:04:52 GMT
Hash (MD5, SHA-1, SHA-256): 2cc92a7ff3707b193d26af880e5b131b 390cb4e685a416a470697292d54194577d374e9e 272a85dbf6f44b55450dd1a6b972733f50eb6b67fcb03f394bab9571c9191adb
GET /sw-check-permissions-eeadc.js?zoneId=7373515 HTTP/1.1
Host: dreamforgegenius.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/ww/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 26 Apr 2024 06:32:47 GMT
Content-Type: application/javascript
Content-Length: 570
Last-Modified: Sat, 20 Apr 2024 22:54:56 GMT
Connection: keep-alive
ETag: "662447c0-23a"
Accept-Ranges: bytes
| kaichulazy.com/zone?&pub=0&zone_id=7373515&is_mobile=false&domain=dreamforgegenius.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=eeb001de-2f6a-4659-9a99-da4008fe58dd&action=prerequest | 139.45.197.250 | 200 OK | 0 B |
URL: POST HTTP/2 kaichulazy.com/zone?&pub=0&zone_id=7373515&is_mobile=false&domain=dreamforgegenius.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=eeb001de-2f6a-4659-9a99-da4008fe58dd&action=prerequest; IP: 139.45.197.250:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject kaichulazy.com; Fingerprint 26:E2:83:75:E7:20:E7:49:4C:19:AB:26:85:B3:81:13:FB:B8:E4:96; Validity Mon, 15 Apr 2024 11:40:56 GMT - Sun, 14 Jul 2024 11:40:55 GMT
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the hashes of an empty body, consistent with the 0 B response)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7373515&is_mobile=false&domain=dreamforgegenius.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=eeb001de-2f6a-4659-9a99-da4008fe58dd&action=prerequest HTTP/1.1
Host: kaichulazy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dreamforgegenius.com
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-length: 0
x-trace-id: 911b69c56aa586ffc7fb1e18cc3107f8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://dreamforgegenius.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
| desenteir.com/pfe/current/reverse.min.js?sf=1 | 139.45.197.252 | 200 OK | 1.2 kB |
URL: GET HTTP/2 desenteir.com/pfe/current/reverse.min.js?sf=1; IP: 139.45.197.252:443
Requested by: https://dreamforgegenius.com/ww/; Certificate: Issuer Let's Encrypt; Subject desenteir.com; Fingerprint BB:E1:FF:08:F7:90:E0:40:BF:A4:59:6A:83:5B:75:33:7D:65:65:B8; Validity Sun, 11 Feb 2024 20:07:28 GMT - Sat, 11 May 2024 20:07:27 GMT
File type: JavaScript source, ASCII text, with very long lines (1217), with no line terminators; Hash (MD5, SHA-1, SHA-256): 19fa1dbb952ff8bf2480f4135be72b90 a78194bb1a50a19de1f0379ec42846977f1cf197 5865c72bb7291c94d8603bf8fb936587914c45dfe5610d49a811aa166c187e10
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/reverse.min.js?sf=1 HTTP/1.1
Host: desenteir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dreamforgegenius.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:32:45 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-4a5"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2