GET ytayl.mebackfrhistrol.org/
52.22.84.30 200 OK 1.0 MB URL User Request GET ytayl.mebackfrhistrol.org/
IP 52.22.84.30:443
Certificate Issuer Let's Encrypt
Subject mebackfrhistrol.org
Fingerprint 0F:80:0F:23:E2:EF:72:F8:9B:E5:42:FE:E4:65:40:4B:C9:76:0E:AF
Validity Wed, 23 Apr 2025 05:18:44 GMT - Tue, 22 Jul 2025 05:18:43 GMT
File type HTML document, ASCII text, with very long lines (65083)
Size 1.0 MB (1037688 bytes)
Hash 7604347c374105541e4194228649e209
bc9ab3b1a6dff86d362bc4a6df08464ae75eaeb3
f88ebcb7de6c5e51dc41860d0c410488445304a300c31b5e23e0770ba2277f60
GET / HTTP/1.1
Host: ytayl.mebackfrhistrol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
GET ytayl.mebackfrhistrol.org/service_worker.js
52.22.84.30 200 OK 140 kB URL GET ytayl.mebackfrhistrol.org/service_worker.js
IP 52.22.84.30:443
Requested by https://ytayl.mebackfrhistrol.org/
Certificate Issuer Let's Encrypt
Subject mebackfrhistrol.org
Fingerprint 0F:80:0F:23:E2:EF:72:F8:9B:E5:42:FE:E4:65:40:4B:C9:76:0E:AF
Validity Wed, 23 Apr 2025 05:18:44 GMT - Tue, 22 Jul 2025 05:18:43 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 140 kB (139543 bytes)
Hash cbcb6557f617f149532c723cc4edd57c
051e2f9348d9ee04bad6565b3f406ad6ced1caa0
9846e67f8cd6186b03d3f831826c0c457b99ea8c9f98ea63cddcac7e0fe43251
GET /service_worker.js HTTP/1.1
Host: ytayl.mebackfrhistrol.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty/1.21.4.1
date: Thu, 05 Jun 2025 15:34:10 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With, content-type
content-encoding: gzip
X-Firefox-Spdy: h2
GET encythan.online/dGRPUDIPRjwnbQEWI3IIVgw7JEIHXmB%2FSwAFNjwcGQEtMVEfAj04WwcQPT9eWgs9Nx0HAT0mWxcBECddBg8qIhweF218EAcJKXIIRUhtI18CRnVyAVpQbXwQAAUoD1sQRnVyC0VUemYHVkhtI0cWOyY0AFZebTIHFlJ8NApHSSozUU1JezFXTUkuNlZASSk1C0dVeGhQF1x6ZxAJ
0.0.0.0 0 B URL GET encythan.online/dGRPUDIPRjwnbQEWI3IIVgw7JEIHXmB%2FSwAFNjwcGQEtMVEfAj04WwcQPT9eWgs9Nx0HAT0mWxcBECddBg8qIhweF218EAcJKXIIRUhtI18CRnVyAVpQbXwQAAUoD1sQRnVyC0VUemYHVkhtI0cWOyY0AFZebTIHFlJ8NApHSSozUU1JezFXTUkuNlZASSk1C0dVeGhQF1x6ZxAJ
IP 0.0.0.0:0
Requested by https://ytayl.mebackfrhistrol.org/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /dGRPUDIPRjwnbQEWI3IIVgw7JEIHXmB%2FSwAFNjwcGQEtMVEfAj04WwcQPT9eWgs9Nx0HAT0mWxcBECddBg8qIhweF218EAcJKXIIRUhtI18CRnVyAVpQbXwQAAUoD1sQRnVyC0VUemYHVkhtI0cWOyY0AFZebTIHFlJ8NApHSSozUU1JezFXTUkuNlZASSk1C0dVeGhQF1x6ZxAJ HTTP/1.1
Host: encythan.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache