www.itsnotonthetest.com/
206.237.197.175 577 B IP 206.237.197.175:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document, ISO-8859 text, with very long lines (510), with CRLF line terminators
Hash af8cf413e8222c364ed5a37215a0117f
d4e17ea27a16552e366b8f9798e14b501f54123e
cdab5b6dbc6fbbcf53775bb2c8f4f5aad05bf6e397e9cf4e06e2d6a49363b632
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 20:09:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.itsnotonthetest.com/tag/alec-baldwin
206.237.197.175 577 B URL User Request GET www.itsnotonthetest.com/tag/alec-baldwin
IP 206.237.197.175:0
ASN #398823 PEGTECHINC-AP-02
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document, ISO-8859 text, with very long lines (510), with CRLF line terminators
Hash af8cf413e8222c364ed5a37215a0117f
d4e17ea27a16552e366b8f9798e14b501f54123e
cdab5b6dbc6fbbcf53775bb2c8f4f5aad05bf6e397e9cf4e06e2d6a49363b632
Analyzer Verdict Alert fortinet Phishing
GET /tag/alec-baldwin HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 20:09:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.itsnotonthetest.com/common.js
206.237.197.175 200 OK 785 B URL GET HTTP/1.1 www.itsnotonthetest.com/common.js
IP 206.237.197.175:80
ASN #398823 PEGTECHINC-AP-02
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
File type HTML document, ASCII text, with CRLF line terminators
Hash 9861f6227e67fed5ac924bd49dd5f2df
abea6ff497a27991e8329019cf446ded1f53fb4a
22f5e5c5666dae5bdfc7bd4d631e90ef4dfe6995f740888640d16a5b60c054b0
Analyzer Verdict Alert fortinet Phishing
GET /common.js HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/tag/alec-baldwin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 20:09:41 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.itsnotonthetest.com/tj.js
206.237.197.175 200 OK 704 B URL GET HTTP/1.1 www.itsnotonthetest.com/tj.js
IP 206.237.197.175:80
ASN #398823 PEGTECHINC-AP-02
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
File type HTML document text
- HTML document text
- HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Hash 5704ce029dbcf9462e965909fa1f574d
d920ced49903a399e888b375986e7ec99effd0ec
d17618f7f8fb2ddbbcef2b19f7db61d549a6074bfc7a97672a69deb74bdf9053
Analyzer Verdict Alert fortinet Phishing
GET /tj.js HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/tag/alec-baldwin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 20:09:41 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.itsnotonthetest.com/favicon.ico
206.237.197.175 200 OK 1.2 kB URL GET HTTP/1.1 www.itsnotonthetest.com/favicon.ico
IP 206.237.197.175:80
ASN #398823 PEGTECHINC-AP-02
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.itsnotonthetest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/tag/alec-baldwin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 27 May 2023 20:09:42 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Thu, 01 Jun 2023 20:09:42 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
42.236.73.206 200 OK 13 kB URL GET HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 42.236.73.206:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 27 May 2023 20:09:27 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 15 May 2023 03:19:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6461a4bd-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 509
Origin: http://www.itsnotonthetest.com
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 27 May 2023 20:09:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.itsnotonthetest.com
Access-Control-Allow-Credentials: true
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 200 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 505
Origin: http://www.itsnotonthetest.com
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 27 May 2023 20:09:38 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.itsnotonthetest.com
Access-Control-Allow-Credentials: true
api.fdhfk8-324fddf.xyz/news/data.php
0.0.0.0 0 B URL GET api.fdhfk8-324fddf.xyz/news/data.php
IP 0.0.0.0:0
Requested by http://www.itsnotonthetest.com/tag/alec-baldwin
Certificate Issuer Let's Encrypt
Subject api.fdhfk8-324fddf.xyz
Fingerprint F7:84:83:12:AA:FC:3D:E8:D2:38:2D:8C:83:0E:1E:6D:1E:71:7A:29
Validity Tue, 23 May 2023 13:28:34 GMT - Mon, 21 Aug 2023 13:28:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news/data.php HTTP/1.1
Host: api.fdhfk8-324fddf.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.itsnotonthetest.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache