Report - qathre3vt.top

Report Overview

Visited public
2023-12-06 12:53:33
Tags
URL
qathre3vt.top
Finishing URL
qathre3vt.top/
IP / ASN
130.193.43.88
#200350 Yandex.Cloud LLC
Title
qathre3vt.top/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
qathre3vt.top	unknown	2023-12-04	2023-12-06 04:23:44	2023-12-06 04:23:44	745 B	400 B	130.193.43.88

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-06 12:53:22	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-12-06 12:53:22	medium	Client IP	130.193.43.88	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (2)

URL IP Response Size

qathre3vt.top/

130.193.43.88

200 OK

12 B

URL User Request GET HTTP/1.1
qathre3vt.top/
IP
130.193.43.88:80
ASN
#200350 Yandex.Cloud LLC

File type
ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: qathre3vt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 06 Dec 2023 12:53:16 GMT
content-type: text/html; charset=utf-8
content-length: 12
etag: W/"c-+B2Ar5y+sAETFvu6PagAKzIlH3o"

qathre3vt.top/favicon.ico

130.193.43.88

404 Not Found

9 B

URL GET HTTP/1.1
qathre3vt.top/favicon.ico
IP
130.193.43.88:80
ASN
#200350 Yandex.Cloud LLC

Requested by
http://qathre3vt.top/

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: qathre3vt.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://qathre3vt.top/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 06 Dec 2023 12:53:16 GMT
content-type: text/plain; charset=utf-8
content-length: 9
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (2)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers