URL User Request GET HTTP/1.1IP204.11.56.48:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectcstaft.com FingerprintFB:98:65:B3:2F:9C:86:F9:D9:BE:6A:7E:74:BB:76:55:62:1C:B6:11 ValidityTue, 02 Apr 2024 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (59546), with CRLF, LF line terminators Hash5ae549888c3b2e0ab8a874c0946d198b 5292f568defea60f66b8516e8db1b261d94ae9e9 1ce5d6264526e3d9bc09c36a675d30abe4f1b7cb7965ee9a124bc34d01c38822
Analyzer | Verdict | Alert | PhishTank | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: cstaft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 25 Apr 2024 05:53:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_VKgVIu6L44tD4tOJlZiQ1Ri6wnK/W72ApkLLK1uKCembY73cFygs29Hr1atubm6MUZ93WiGT7e12NIc14QJuGg==
|
IP204.11.56.48:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectcstaft.com FingerprintFB:98:65:B3:2F:9C:86:F9:D9:BE:6A:7E:74:BB:76:55:62:1C:B6:11 ValidityTue, 02 Apr 2024 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer | Verdict | Alert | PhishTank | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=1 HTTP/1.1
Host: cstaft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cstaft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 25 Apr 2024 05:53:05 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
IP204.11.56.48:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectcstaft.com FingerprintFB:98:65:B3:2F:9C:86:F9:D9:BE:6A:7E:74:BB:76:55:62:1C:B6:11 ValidityTue, 02 Apr 2024 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (346), with no line terminators Hashf84f931c0dd37448e03f0dabf4e4ca9f 9c2c50edcf576453ccc07bf65668bd23c76e8663 5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
Analyzer | Verdict | Alert | PhishTank | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /px.js?ch=2 HTTP/1.1
Host: cstaft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cstaft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 25 Apr 2024 05:53:05 GMT
Content-Type: application/javascript
Content-Length: 346
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
|
| sedoparking.com/frmpark/cstaft.com/Skenzor6/park.js | 64.190.63.136 | 200 OK | 605 B |
URL GET HTTP/2sedoparking.com/frmpark/cstaft.com/Skenzor6/park.js IP64.190.63.136:443
CertificateIssuerDigiCert Inc Subjectsedoparking.com Fingerprint55:E4:60:4D:0F:A1:FE:75:A6:FB:1C:8E:3F:AF:7C:D2:E0:3F:94:97 ValidityFri, 05 Jan 2024 00:00:00 GMT - Sun, 05 Jan 2025 23:59:59 GMT
File typegzip compressed data, from Unix Hash15241c372656f9aad6a26ffa2c53c9d8 7901db0724a963bd28a85ba1559cad17d07f7661 95af63d8ea1f2a5e8a75c174223ec4a99aca97f13e13029041a789f0d5340336
GET /frmpark/cstaft.com/Skenzor6/park.js HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cstaft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Thu, 25 Apr 2024 05:53:05 GMT
server: NginX
vary: Accept-Encoding
x-cache-miss-from: parking-55fd589654-9qszh
x-powered-by: PHP/8.1.17
X-Firefox-Spdy: h2
|
IP204.11.56.48:443 ASN#40034 CONFLUENCE-NETWORK-INC
CertificateIssuerZeroSSL Subjectcstaft.com FingerprintFB:98:65:B3:2F:9C:86:F9:D9:BE:6A:7E:74:BB:76:55:62:1C:B6:11 ValidityTue, 02 Apr 2024 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash6608dd3e21ca3beabd4bdfa625a0b221 e926d0f8694a4bc4013308afaca7af51e4c9fd9f c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
Analyzer | Verdict | Alert | PhishTank | phishing | Steam | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: cstaft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cstaft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: openresty
Date: Thu, 25 Apr 2024 05:53:05 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 10
Connection: keep-alive
|