difv.shop/index.php?WZyIKlnc=W16993485687365881R23496Uv8066tA15799U798RHlY11037vBU
309 B URL difv.shop/index.php?WZyIKlnc=W16993485687365881R23496Uv8066tA15799U798RHlY11037vBU
IP
ASN #48347 JSC Mediasoft ekspert
File type HTML document, ASCII text, with very long lines (309), with no line terminators
Hash eed0448c653230490aa55a19456450ec
e9907d810c9cbe5924c082cad87d191b118f8750
d62e4e5635df3d4e4843cd1d07403e42bee9a79321f07fde588391b0d132fb6b
GET /index.php?WZyIKlnc=W16993485687365881R23496Uv8066tA15799U798RHlY11037vBU HTTP/1.1
Host: difv.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 10 Dec 2023 04:27:08 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.2.34
Connection: close
Content-Length: 309
Content-Type: text/html; charset=UTF-8
tundrafolder.com/cdn-cgi/images/icon-exclamation.png?1376755637
200 OK 452 B URL GET HTTP/2 tundrafolder.com/cdn-cgi/images/icon-exclamation.png?1376755637
IP
Requested by https://tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
Certificate IssuerGoogle Trust Services LLC
Subjecttundrafolder.com
FingerprintF2:CC:9A:AB:32:D3:75:9A:E8:06:09:C4:1B:CD:73:87:57:57:A6:B4
ValiditySat, 18 Nov 2023 12:29:13 GMT - Fri, 16 Feb 2024 12:29:12 GMT
File type PNG image data, 54 x 54, 8-bit colormap, non-interlaced
- data
Hash c33de66281e933259772399d10a6afe8
b9f9d500f8814381451011d4dcf59cd2d90ad94f
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Analyzer Verdict Alert urlquery suspicious Suspicious - Sinkholed / Blocked
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: tundrafolder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tundrafolder.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 10 Dec 2023 04:27:09 GMT
content-type: image/png
content-length: 452
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
etag: "6569f5f8-1c4"
server: cloudflare
cf-ray: 8332bbd8ed7b56cc-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 10 Dec 2023 06:27:09 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2
tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
200 OK 4.4 kB URL User Request GET HTTP/2 tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
IP
Certificate IssuerGoogle Trust Services LLC
Subjecttundrafolder.com
FingerprintF2:CC:9A:AB:32:D3:75:9A:E8:06:09:C4:1B:CD:73:87:57:57:A6:B4
ValiditySat, 18 Nov 2023 12:29:13 GMT - Fri, 16 Feb 2024 12:29:12 GMT
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document text
- exported SGML document, ASCII text, with very long lines (4675), with no line terminators
Hash 0755ce13fd0f2f04bf71768489854f14
9b3ca8c4dcb149378b433fab7026580f07bce2f1
fde582da93d2525b052d517d70f757849c8b41dd2b311fd33435bccdacf44948
GET /show.php?l=0&u=7020&id=48425&tracking_id=2 HTTP/1.1
Host: tundrafolder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://difv.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 04:27:09 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bU0c541BrnhFYBzVq%2Fgo%2FpqL5GAo15cj9sSXSBWj92dwfbxucaB3uMuw79%2FrmzBIPoszEraA283EefC82zW8Otici1lunvBzqWCmGjClfbAOCXdQPauFKKt6JFzs9k0blHP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8332bbd6cce956cc-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tundrafolder.com/cdn-cgi/styles/cf.errors.css
200 OK 24 kB URL GET HTTP/2 tundrafolder.com/cdn-cgi/styles/cf.errors.css
IP
Requested by https://tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
Certificate IssuerGoogle Trust Services LLC
Subjecttundrafolder.com
FingerprintF2:CC:9A:AB:32:D3:75:9A:E8:06:09:C4:1B:CD:73:87:57:57:A6:B4
ValiditySat, 18 Nov 2023 12:29:13 GMT - Fri, 16 Feb 2024 12:29:12 GMT
File type ASCII text, with very long lines (24131)
Hash a1cedc21f16b5a97114857154fab35e9
95e9890a15a4f7f94f7f19d2c297e4b07503c526
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Analyzer Verdict Alert urlquery suspicious Suspicious - Sinkholed / Blocked
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: tundrafolder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 04:27:09 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 15:04:24 GMT
etag: W/"6569f5f8-5e44"
server: cloudflare
cf-ray: 8332bbd8bd7256cc-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Sun, 10 Dec 2023 06:27:09 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2
tundrafolder.com/favicon.ico
200 OK 1.2 kB URL GET HTTP/2 tundrafolder.com/favicon.ico
IP
Requested by https://tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
Certificate IssuerGoogle Trust Services LLC
Subjecttundrafolder.com
FingerprintF2:CC:9A:AB:32:D3:75:9A:E8:06:09:C4:1B:CD:73:87:57:57:A6:B4
ValiditySat, 18 Nov 2023 12:29:13 GMT - Fri, 16 Feb 2024 12:29:12 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
- data
Hash 34cd4bc7a26dd5f4fdc3097eab4f7675
0698a12d1bd3e77388642c18c6023cb929be4b28
65feb706d0e6fea4098634dbed48611cb8608cd45dd3ca279ed66612300aa700
GET /favicon.ico HTTP/1.1
Host: tundrafolder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tundrafolder.com/show.php?l=0&u=7020&id=48425&tracking_id=2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 10 Dec 2023 04:27:09 GMT
content-type: image/vnd.microsoft.icon
last-modified: Fri, 06 Mar 2020 00:23:32 GMT
etag: W/"47e-5a024a9dbf035"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoB3hj3Bt06xYjNl9iCq3XuDXHRcY7ysduGpQvgs3AGkGiGNM1ZBhs59tGQdSjdJ7upoLS5wWjn%2BIZMcKA6zKVeSlZjkLtOLqOCa2ENVdcg%2BKfev9Ap5rhMYPH5kqEHqgWDW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8332bbd90d8056cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
45.8.230.97
104.21.84.123