almendrosterra2.com/cmg/link.html
149.56.93.240 200 OK 132 B URL User Request GET HTTP/2 almendrosterra2.com/cmg/link.html
IP 149.56.93.240:443
Certificate Issuer: Let's Encrypt
Subject: almendrosterra2.com
Fingerprint: 6F:4A:DA:55:B8:AE:B4:6A:17:BD:14:CF:AD:C7:EB:A4:25:C4:32:0F
Validity: Sun, 07 May 2023 01:50:22 GMT - Sat, 05 Aug 2023 01:50:21 GMT
File type: HTML document text; HTML document text; HTML document, ASCII text, with no line terminators
Hash 4acb3d0fa0d608016ca744d99c39b429
8e1f499657493dab7221d3f4ffb054c7c76b2692
7765364e914cbd0bab1c373f153eb7ca3339fd23bd291b029c6bbeb7e50ef6f3
Analyzer Verdict: Alert (fortinet: Phishing)
GET /cmg/link.html HTTP/1.1
Host: almendrosterra2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 23 May 2023 19:22:52 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 132
date: Mon, 29 May 2023 03:53:39 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
almendrosterra2.com/favicon.ico
149.56.93.240 404 Not Found 1.2 kB URL GET HTTP/3 almendrosterra2.com/favicon.ico
IP 149.56.93.240:443
Requested by https://almendrosterra2.com/cmg/link.html
Certificate Issuer: Let's Encrypt
Subject: almendrosterra2.com
Fingerprint: 6F:4A:DA:55:B8:AE:B4:6A:17:BD:14:CF:AD:C7:EB:A4:25:C4:32:0F
Validity: Sun, 07 May 2023 01:50:22 GMT - Sat, 05 Aug 2023 01:50:21 GMT
File type: HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: almendrosterra2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almendrosterra2.com/cmg/link.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 29 May 2023 03:53:41 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
drillersvm.com/host/admin/js/sc.js
45.15.25.122 200 OK 77 kB URL GET HTTP/2 drillersvm.com/host/admin/js/sc.js
IP 45.15.25.122:443
ASN #47583 Hostinger International Limited
Requested by https://almendrosterra2.com/cmg/link.html
Certificate Issuer: Let's Encrypt
Subject: drillersvm.com
Fingerprint: CF:AC:60:01:62:25:41:86:F6:00:59:74:93:8D:C9:87:75:21:15:49
Validity: Wed, 10 May 2023 10:22:02 GMT - Tue, 08 Aug 2023 10:22:01 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash 5c05de7de220f69837dee08b2ae58883
22f4b2fac6d113ee9b482e749576f6e453018ed9
1f5c1bdb200cbd9423524b9e3c4dd1275de31313bf2f30a7318be555bec56330
GET /host/admin/js/sc.js HTTP/1.1
Host: drillersvm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://almendrosterra2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 03:39:00 GMT
content-type: application/javascript
last-modified: Tue, 25 Apr 2023 10:18:34 GMT
etag: W/"6447a8fa-12d3b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2