Report - comicdom.org.atlaq.com

Report Overview

Visited public
2024-05-03 17:57:41
Tags
URL
comicdom.org.atlaq.com
Finishing URL
comicdom.org.atlaq.com/
IP / ASN
104.21.64.58
#13335 CLOUDFLARENET
Title
HOME - comicdom

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
autoprikid23.ru	unknown	unknown	No data	No data	401 B	189 B	45.130.41.35
t1.gstatic.com	unknown	2008-02-11	2013-05-07 00:57:20	2024-05-02 10:26:16	2.6 kB	8.7 kB	216.58.211.4
atlaq.com	460385	2019-04-07	2019-04-10 14:32:55	2024-02-05 08:26:49	848 B	168 kB	172.67.176.167
automa.net	unknown	2003-06-02	2020-12-01 14:47:20	2023-10-16 20:09:34	384 B	789 B	104.26.10.184
comicdom.org.atlaq.com	unknown	unknown	No data	No data	890 B	32 kB	0.0.0.0
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-05-02 18:48:08	890 B	172 kB	142.250.74.168
preview.atlaq.com	unknown	2019-04-07	2023-10-16 11:41:32	2024-01-26 08:48:02	482 B	4.8 kB	172.67.176.167
www.google.no	25607	2001-02-26	2016-04-05 21:50:59	2024-05-03 03:45:01	583 B	578 B	142.250.74.131
automotivespice.com	unknown	unknown	No data	No data	405 B	1.1 kB	188.94.254.62
status.geotrust.com	3662	1999-04-04	2017-12-01 09:55:31	2024-05-02 18:20:06	331 B	642 B	192.229.221.95
www.autoprin.com	unknown	unknown	No data	No data	402 B	373 B	212.170.49.16
automation24.de	unknown	unknown	No data	No data	389 B	804 B	172.67.72.191
traffic.alexa.com	381412	1996-07-17	2012-05-20 23:46:11	2021-05-14 12:40:47	978 B	0 B	0.0.0.0
autoprin.com	unknown	unknown	No data	No data	398 B	372 B	212.170.49.16
region1.analytics.google.com	unknown	1997-09-15	2022-03-17 12:26:33	2024-05-02 19:06:28	756 B	453 B	216.239.32.36
www.automation24.de	unknown	unknown	No data	No data	393 B	1.3 kB	172.67.72.191
opel.autoprin.com	unknown	unknown	No data	No data	389 B	1.8 kB	91.134.128.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-03	medium	atlaq.com	Sinkholed
2024-05-03	medium	atlaq.com	Sinkholed
2024-05-03	medium	atlaq.com	Sinkholed
2024-05-03	medium	atlaq.com	Sinkholed
2024-05-03	medium	atlaq.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	unknown	147 B	2024-08-20 00:54	2024-08-20 00:54
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash 44837981a88ea3f30d46a55e3f5187d8 c9a7db0384c8e6da012a282592524813099fb5b1 a0a08ffd609914658a41ef44ee687b9af4155d2fa0ba6054788339d85d8aadc3 Loading...

	unknown	152 B	2024-08-20 00:54	2024-08-20 00:54
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash f23b15cc694781700f82e1598ac9f4d0 5fcd9f354bf32e61366ca8bcd19f1c429133fff8 03c4b4b025920320bd21a2e2f43823ec50502e5a5e188e7cc4b6bcaaf248f29b Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11 21:07	2024-11-28 23:43
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2024-11-28 23:43 Times Seen281800 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	153 B	2024-08-20 00:54	2024-08-20 00:54
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash 0ef09fe435f8d4fc1677e428ec67a916 b62eaec522fec3acaf30b1f6ef0dafaad2849fe4 08b7bed7b1f1a885c480cc9859d67ab5a64e4ad283c4ca8a35d7c2e0dc87abee Loading...

	unknown	156 B	2024-08-20 00:54	2024-08-20 00:54
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash b3a5e75ce290b69ba477b712080fbad7 71cdb6a025e45cc1466d48a88c4f000e5ec53441 59578fef5d8b5fee923352032ef62b3b762d2c0402d7f57779593dbaaaa7d6e8 Loading...

	comicdom.org.atlaq.com/	4.8 kB	2024-08-20 00:54	2024-08-20 00:54
Pretty URL comicdom.org.atlaq.com/ IP 172.67.176.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash 9fdb03ea5aca9d3119936cca86b72457 a5f0956fbca436407499c4d80590a08368d7e1c4 7e2d6a0c608fb1d1ca7596d70955a9f9dfb6a850ac2108d75caf36d9dec3e4dd Loading...

	comicdom.org.atlaq.com/	154 B	2023-03-10 11:07	2024-11-28 20:47
Pretty URL comicdom.org.atlaq.com/ IP 172.67.176.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 11:07 Last Seen2024-11-28 20:47 Times Seen69 Hash 556aedec3c17b1047b6ea5b24555b6b3 bc98386bf7c5d5088b545befbe3f36738874ca18 25b0f8074b7996c02b28918d9dec52e00501eee8990db393f4a0624d136a828e Loading...

	www.googletagmanager.com/gtag/js?id=UA-85346163-2	197 kB	2024-08-20 00:54	2024-08-20 00:54
Pretty URL www.googletagmanager.com/gtag/js?id=UA-85346163-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash 8e2386ad7f9c542055c06cc403b9b74a d4714ac5004273d01599236ae9645ad5b24c9443 c0f2346d1359b094b3fdde9422d962ec14096afd83f88a8f7349841e4794c3ae Loading...

	comicdom.org.atlaq.com/sandbox%20eval%20code	147 B	2023-04-11 21:07	2024-11-28 23:43
Pretty URL comicdom.org.atlaq.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2024-11-28 23:43 Times Seen282600 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c	294 kB	2024-08-20 00:54	2024-08-20 00:54
Pretty URL www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 00:54 Last Seen2024-08-20 00:54 Times Seen1 Hash ee5ecbc579d652a9003ef108b01516d0 c2d324c670174081d50e6a0b775690df487e5d49 c1906131f2b6dd767bfc950d17e6fdf121e183e62ba7c67927fd37edcee5e0b0 Loading...

HTTP Transactions (25)

URL IP Response Size

autoprin.com/favicon.ico

212.170.49.16

301 Moved Permanently

169 B

URL GET HTTP/2
autoprin.com/favicon.ico
IP
212.170.49.16:443
ASN
#3352 Telefonica De Espana S.a.u.

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectautoprin.com
FingerprintDD:54:A4:4A:52:6A:E5:C1:7C:9F:28:20:59:1F:D3:93:BB:5A:94:05
ValidityTue, 12 Mar 2024 22:40:09 GMT - Mon, 10 Jun 2024 22:40:08 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: autoprin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx/1.18.0
date: Fri, 03 May 2024 17:57:20 GMT
content-type: text/html
content-length: 169
location: https://www.autoprin.com/favicon.ico
X-Firefox-Spdy: h2

status.geotrust.com/

192.229.221.95

471 B

URL
status.geotrust.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
92d608049443d348c4f817b2afd61801
d90e5454b5a2ec2ca2e11322acee5963b30b364d
66d1effeea5318ca8f9dd0d138368d9e4130fbf06cc9480483e7bfb3e20d0ebc

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=7200
Content-Type: application/ocsp-response
Date: Fri, 03 May 2024 17:57:22 GMT
Server: ECAcc (amb/6B53)
Content-Length: 471

www.googletagmanager.com/gtag/js?id=UA-85346163-2

142.250.74.168

200 OK

72 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-85346163-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
72 kB (71474 bytes)
Hash
8e2386ad7f9c542055c06cc403b9b74a
d4714ac5004273d01599236ae9645ad5b24c9443
c0f2346d1359b094b3fdde9422d962ec14096afd83f88a8f7349841e4794c3ae

HTTP Headers

GET /gtag/js?id=UA-85346163-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 May 2024 17:57:21 GMT
expires: Fri, 03 May 2024 17:57:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71474
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

automotivespice.com/favicon.ico

188.94.254.62

404 Not Found

955 B

URL GET HTTP/2
automotivespice.com/favicon.ico
IP
188.94.254.62:443
ASN
#15817 Mittwald CM Service GmbH & Co. KG

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerDigiCert Inc
Subjectautomotivespice.com
FingerprintA7:86:C6:E7:CC:1F:AF:CE:8A:04:50:7D:01:DD:FE:C9:E9:B5:56:21
ValidityThu, 14 Dec 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
955 B (955 bytes)
Hash
729d19b380e1eee6ac58741d288a4426
64079769725200836d1b9b6f23d5ab135b95fdbe
7a7bd6790f9afe64521eb1bff1585b63529f53ce26e613fbb200a5beef3f3909

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: automotivespice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
accept-ranges: bytes
content-length: 955
date: Fri, 03 May 2024 17:57:22 GMT
server: Apache
X-Firefox-Spdy: h2

autoprikid23.ru/favicon.ico

45.130.41.35

200 OK

0 B

URL GET HTTP/2
autoprikid23.ru/favicon.ico
IP
45.130.41.35:443
ASN
#198610 Beget LLC

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectautoprikid23.ru
FingerprintAA:F3:1E:7A:70:12:96:47:4E:8C:F7:13:D3:9A:9B:75:E9:13:C3:A1
ValiditySat, 27 Apr 2024 04:35:51 GMT - Fri, 26 Jul 2024 04:35:50 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: autoprikid23.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Fri, 03 May 2024 17:57:26 GMT
content-type: image/vnd.microsoft.icon
content-length: 0
x-powered-by: PHP/7.4.33
X-Firefox-Spdy: h2

www.autoprin.com/favicon.ico

212.170.49.16

301 Moved Permanently

169 B

URL GET HTTP/2
www.autoprin.com/favicon.ico
IP
212.170.49.16:443
ASN
#3352 Telefonica De Espana S.a.u.

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectautoprin.com
FingerprintDD:54:A4:4A:52:6A:E5:C1:7C:9F:28:20:59:1F:D3:93:BB:5A:94:05
ValidityTue, 12 Mar 2024 22:40:09 GMT - Mon, 10 Jun 2024 22:40:08 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
84855c13836b389d5ec7cfd4c9266173
1cf3056ff23c4176fd7ca9816a000ed461d6d323
502083c916ae481cdd413b8d93315300653df5fb3dcc5770c01991de19977eae

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.autoprin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx/1.18.0
date: Fri, 03 May 2024 17:57:26 GMT
content-type: text/html
content-length: 169
location: https://opel.autoprin.com/favicon.ico
X-Firefox-Spdy: h2

preview.atlaq.com/2a27dc9c1c1a8fc61c16f0c2a28e5c4f_comicdom.org.png

172.67.176.167

200 OK

4.0 kB

URL GET HTTP/2
preview.atlaq.com/2a27dc9c1c1a8fc61c16f0c2a28e5c4f_comicdom.org.png
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectatlaq.com
FingerprintF6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
ValidityMon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT

File type
PNG image data, 683 x 384, 8-bit/color RGBA, non-interlaced
Size
4.0 kB (3984 bytes)
Hash
5bec86ffaf71528f0c08eab4983cfbee
5158a207f4f6e661857e3baa7a8ced8b5ca31b2f
09b417db669a17fea3b0086f70be1f56480ffe6c57e2d0616f283da2959a44d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2a27dc9c1c1a8fc61c16f0c2a28e5c4f_comicdom.org.png HTTP/1.1
Host: preview.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 17:57:17 GMT
content-type: image/png
content-length: 3984
x-powered-by: Express
vary: Origin, Accept-Encoding
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2023 07:03:21 GMT
etag: W/"f90-18b374bdef0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCGo27QwZAG3e1vlP35ztVKdQSFBFx0TP5aMlvCz4JMnzkQeW2hxw6MuxyipIEwZy5aItdAPYlCQJJXPlFzzk1f9%2FVwrlhXXpQ4RXdJrD%2Bze%2F5B66v1YLpiat3BHhbX%2FiKI9mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87e221f0a86456cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c

142.250.74.168

200 OK

99 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
99 kB (99342 bytes)
Hash
ee5ecbc579d652a9003ef108b01516d0
c2d324c670174081d50e6a0b775690df487e5d49
c1906131f2b6dd767bfc950d17e6fdf121e183e62ba7c67927fd37edcee5e0b0

HTTP Headers

GET /gtag/js?id=G-FPZ0VEL1WQ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 May 2024 17:57:29 GMT
expires: Fri, 03 May 2024 17:57:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 99342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

opel.autoprin.com/favicon.ico

91.134.128.74

200 OK

1.4 kB

URL GET HTTP/1.1
opel.autoprin.com/favicon.ico
IP
91.134.128.74:443
ASN
#16276 OVH SAS

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectopel.autoprin.com
Fingerprint8E:84:24:D2:9A:B7:2D:9A:19:4B:00:7E:A2:59:55:74:5B:2E:83:0C
ValidityFri, 26 Apr 2024 13:01:41 GMT - Thu, 25 Jul 2024 13:01:40 GMT

File type
MS Windows icon resource - 1 icon, 16x16
Size
1.4 kB (1406 bytes)
Hash
530f8bc411f3c536dd537dd323bd0c2d
bc380638119f9bdd511268d46246e4afa2e9fd38
42b2bb501bad4170b87cad88f8ccc10a834eb59224fa302ed6f9235210ce1f08

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: opel.autoprin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
date: Fri, 03 May 2024 17:57:29 GMT
server: Apache
last-modified: Wed, 03 Apr 2024 19:25:56 GMT
etag: "57e-615363112d900"
accept-ranges: bytes
content-length: 1406
cache-control: max-age=432000
expires: Wed, 08 May 2024 17:57:29 GMT
content-type: image/x-icon
x-iplb-request-id: 5B5A2A9A:B718_5B86804A:01BB_66352587_10E59:632D
x-iplb-instance: 21073

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automotivespice.com

216.58.211.4

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automotivespice.com
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automotivespice.com HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Fri, 03 May 2024 17:57:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://comicdom.org

216.58.211.4

404 Not Found

726 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://comicdom.org
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://comicdom.org HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Fri, 03 May 2024 17:57:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automation24.de

216.58.211.4

200 OK

2.9 kB

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automation24.de
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
2.9 kB (2933 bytes)
Hash
b06193f98b7e322e8b5f3b5908118f9a
63daf394da9dea5bd9ef47167ea97a0fc7394db7
d4cea05e7dd466a9010e534b0f75fc8b574199a53b45f3ecfefd8efe0271da79

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automation24.de HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://www.automation24.de/Themes/Automation24/touch-icon-72.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 2933
date: Fri, 03 May 2024 17:57:31 GMT
expires: Fri, 10 May 2024 17:57:31 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automa.net

216.58.211.4

200 OK

690 B

URL GET HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automa.net
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
690 B (690 bytes)
Hash
a6215381ec9edabd23b7a9e1d868d0b8
f998232865e6d2ff5d8fbc625234fe8b7d61c9a5
048cd3e0545705b6c2aa96781e8bb8202a2b731ff00e7b116a12c48a2fcde18b

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://automa.net HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://automa.net/icon.png?d2e1f53cbcbe68c8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 690
date: Fri, 03 May 2024 17:57:31 GMT
expires: Fri, 10 May 2024 17:57:31 GMT
cache-control: public, max-age=604800
last-modified: Sun, 28 Apr 2024 09:44:20 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=6751652.1714759050&gtm=45je4510v894672372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=511474724

142.250.74.131

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=6751652.1714759050&gtm=45je4510v894672372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=511474724
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97
ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FPZ0VEL1WQ&cid=6751652.1714759050&gtm=45je4510v894672372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=511474724 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 May 2024 17:57:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je4510v894672372za200&_p=1714759049001&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=6751652.1714759050&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714759049&sct=1&seg=0&dl=https%3A%2F%2Fcomicdom.org.atlaq.com%2F&dt=HOME%20-%20comicdom&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13801

216.239.32.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je4510v894672372za200&_p=1714759049001&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=6751652.1714759050&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714759049&sct=1&seg=0&dl=https%3A%2F%2Fcomicdom.org.atlaq.com%2F&dt=HOME%20-%20comicdom&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13801
IP
216.239.32.36:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-FPZ0VEL1WQ&gtm=45je4510v894672372za200&_p=1714759049001&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=6751652.1714759050&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714759049&sct=1&seg=0&dl=https%3A%2F%2Fcomicdom.org.atlaq.com%2F&dt=HOME%20-%20comicdom&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=13801 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://comicdom.org.atlaq.com
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://comicdom.org.atlaq.com
date: Fri, 03 May 2024 17:57:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

atlaq.com/logo.png

172.67.176.167

200 OK

117 kB

URL GET HTTP/2
atlaq.com/logo.png
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectatlaq.com
FingerprintF6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
ValidityMon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT

File type
PNG image data, 500 x 446, 8-bit/color RGBA, non-interlaced
Size
117 kB (117433 bytes)
Hash
792b74959e26cd37fd05dfcd0ef07770
c6e3ed2dd9771b077daf93eda5773cd10d621147
7ae2cb133588b7a2926b71630869d602c294840f6c1379666e82b25f3354623b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logo.png HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 03 May 2024 17:57:17 GMT
content-type: image/png
content-length: 117433
cache-control: public, max-age=31536000
expires: Wed, 30 Apr 2025 16:19:32 GMT
last-modified: Wed, 29 Jan 2020 11:21:42 GMT
vary: User-Agent,Origin, Accept-Encoding
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 265066
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUg%2BmFoHT9QH5MPYoo22IH3Y8d73EnXcW9%2BAxoraOnpGXIVS9mxZQA3eWI7aTjcaVUk0MPm77k0j8iUj3veG6UA%2Fb2IMN0dd1VS5bmVcejqCxY0tEQNZSDjru9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e221f0b87856cb-OSL
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://autoprikid23.ru

216.58.211.4

200 OK

482 B

URL GET HTTP/3
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://autoprikid23.ru
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 64 x 64, 8-bit colormap, non-interlaced
Size
482 B (482 bytes)
Hash
df1530c2b6b7c855357aa3049678f936
935ed157e983c76659289220fce6972798036f5f
14a3a08e0fdf7b2a30079dacf204e5c8b8f093e3e06df5dda6120928b855bfe5

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&size=64&url=https://autoprikid23.ru HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://autoprikid23.ru/wp-content/uploads/fbrfg/apple-touch-icon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 482
date: Fri, 03 May 2024 17:57:37 GMT
expires: Fri, 10 May 2024 17:57:37 GMT
cache-control: public, max-age=604800
last-modified: Fri, 18 Feb 2022 11:11:22 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

automa.net/favicon.ico

104.26.10.184

404 Not Found

0 B

URL GET HTTP/2
automa.net/favicon.ico
IP
104.26.10.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectautoma.net
FingerprintC7:06:E3:44:FB:D9:E7:F4:29:35:67:94:AB:16:5E:E4:15:8D:88:00
ValidityMon, 22 Apr 2024 03:58:48 GMT - Sun, 21 Jul 2024 03:58:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: automa.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 03 May 2024 17:57:18 GMT
content-type: text/html; charset=utf-8
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url, Accept-Encoding
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=15724800
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vA1y5V2k5cen2L3NulsGMq7MVoyoT%2F%2BiZ0CCaLk4XPg7Yl65U50D40SjcKt3g34mcefkU2ILq0gZFNnFuuVWCQYYNqXU5Cc%2F94ZvvNADlUMXBnaZ2IJ71Uvw8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e221f83f61b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

automation24.de/favicon.ico

172.67.72.191

301 Moved Permanently

0 B

URL GET HTTP/2
automation24.de/favicon.ico
IP
172.67.72.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectautomation24.de
FingerprintC0:F7:25:41:B4:46:9E:2D:00:28:8D:F3:17:2A:53:E2:81:E4:83:4D
ValidityWed, 20 Mar 2024 12:34:25 GMT - Tue, 18 Jun 2024 12:34:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: automation24.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 03 May 2024 17:57:23 GMT
content-type: text/html; charset=utf-8
location: https://www.automation24.de/favicon.ico
x-ua-compatible: IE=Edge,chrome=1
x-frame-options: ALLOW-FROM http://chat.automation24.com
cf-cache-status: BYPASS
set-cookie: ForSellers.Shopsystem=a27712b4cd404829b8dfdaf13cd99cbc; path=/; secure; HttpOnly; SameSite=Lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4baMep4FD5Uh9yfjOISlsRoajcMeLTLCx%2BEYFc4lqFzFPOnXzkWTAc1oAh0dXPdYUgtdqxcLsYboLGK2JFgjom4yMNI%2FXCPFpwGvKhyHp6m1cq5DyXFdTjYCfoobaGSDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e222167ca80b06-OSL
X-Firefox-Spdy: h2

www.automation24.de/favicon.ico

172.67.72.191

404 Not Found

0 B

URL GET HTTP/2
www.automation24.de/favicon.ico
IP
172.67.72.191:443
ASN
#13335 CLOUDFLARENET

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectautomation24.de
FingerprintC0:F7:25:41:B4:46:9E:2D:00:28:8D:F3:17:2A:53:E2:81:E4:83:4D
ValidityWed, 20 Mar 2024 12:34:25 GMT - Tue, 18 Jun 2024 12:34:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.automation24.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 03 May 2024 17:57:30 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
expires: -1
x-frame-options: ALLOW-FROM http://chat.automation24.com
x-ua-compatible: IE=Edge,chrome=1
cf-cache-status: BYPASS
set-cookie: ForSellers.Shopsystem=475619cebfad43c2aca1f46f808c4af7; path=/; secure; HttpOnly; SameSite=Lax
ForSellers.Shopsystem=475619cebfad43c2aca1f46f808c4af7; path=/; secure; HttpOnly; SameSite=Lax
__RequestVerificationToken=BoaBQAdaQGU26adG_ts6kWp345rpQ5-78fclLHFLlI9JmlzZ2F4iZOcoRCBnStS5NT6nlXFbhvXLYCWP_dpSb8Kqy_NfLoZXttIaiYSklmk1; path=/; HttpOnly
cookieCheck=true; expires=Fri, 03-May-2024 18:02:30 GMT; path=/
pageCacheKey_12055257f5b74fd89d0154a1db465919=full; expires=Fri, 03-May-2024 18:02:30 GMT; path=/
ForSellers.Redwood.Cart=; expires=Thu, 02-May-2024 17:57:30 GMT; path=/; secure; HttpOnly
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uA0NHJd1tcCF9is4b3kd19aak6vRyqp9FPaBWMQy2EQEw7L2QsxSa3Ytt%2F7p1VPQqa%2BtVs90g2Jfcsb3ceyZwE6x0E2pN6QKZmvxSmUlP7C%2BL2A4c6GOXoe01tUZGDQaeB498Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87e222373eff0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2

comicdom.org.atlaq.com/badk.txt

0.0.0.0

0 B

URL GET
comicdom.org.atlaq.com/badk.txt
IP
0.0.0.0:0
ASN
#0

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectatlaq.com
FingerprintF6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
ValidityMon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /badk.txt HTTP/1.1
Host: comicdom.org.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://comicdom.org.atlaq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 May 2024 17:57:29 GMT
content-type: text/plain; charset=UTF-8
cache-control: public, max-age=2592000
expires: Sun, 02 Jun 2024 17:57:30 GMT
last-modified: Mon, 13 Apr 2020 08:00:16 GMT
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yk7dIPqc62gieCFnoiQBR9T84QnVquNU0%2Fr00ITjhfzFnh3gWzx58t28LeiUNBGiIdeFAX49FVcAs4Z5uDJ50bXMtnfb4bzxqQjWF98kEdihsKQNEeGketVRoF6glBx6piYlZXZv%2F0Vf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e22238a9020b69-OSL
content-encoding: br

traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=comicdom.org

0.0.0.0

0 B

URL GET
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=comicdom.org
IP
0.0.0.0:0
ASN
#0

Requested by
https://comicdom.org.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /graph?w=260&h=190&o=f&c=1&y=t&b=f5f5f5&n=666666&r=2y&u=comicdom.org HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

comicdom.org.atlaq.com/

172.67.176.167

200 OK

29 kB

URL User Request GET HTTP/2
comicdom.org.atlaq.com/
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectatlaq.com
FingerprintF6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
ValidityMon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT

File type
HTML document, ASCII text, with very long lines (5411), with CR, LF line terminators
Size
29 kB (29224 bytes)
Hash
506183dc1150a2516b2f59eabdbd666a
d6bdd85411f662e9f438f5acc3d383c20aa9e7f9
0049827eb0dd25f32edf26a53a0d6c685737288331d27212495cb6a87a3ed01e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: comicdom.org.atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 17:57:17 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
expires: Sun, 02 Jun 2024 07:57:09 GMT
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent,Origin
strict-transport-security: max-age=31536000;includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Authorization, Accept
access-control-expose-headers: Content-Disposition
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SEqgc41gXSc%2B0jNMNK2FljxqEs9ZxeXdirTYFo8tCsBEDfA3cv7usRDn9PE9OulWAcdJHjht9ihp6rzVcQUJHyiKh%2FGTWVc71Z81qJkXjcHBCTkpvQL1eN4RVlsEpoqplALY8F3uzUjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e221eafaa156cb-OSL
content-encoding: br
X-Firefox-Spdy: h2

atlaq.com/style.css

172.67.176.167

200 OK

49 kB

URL GET HTTP/2
atlaq.com/style.css
IP
172.67.176.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://comicdom.org.atlaq.com/
Certificate
IssuerLet's Encrypt
Subjectatlaq.com
FingerprintF6:95:8D:B9:4E:AC:83:5B:61:5F:D2:F3:40:DD:10:57:D6:75:9E:84
ValidityMon, 25 Mar 2024 23:15:33 GMT - Sun, 23 Jun 2024 23:15:32 GMT

File type
ASCII text, with very long lines (49091), with no line terminators
Size
49 kB (49091 bytes)
Hash
1dc4998a41131ac5df41ae820c7f583c
227aa907d96a66d38f5073700d2d8c5e1262187c
1f807cd9d5d8475f4ec107c17a62318927277940eb8bfe1d386ec97ad4cb9f57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: atlaq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 May 2024 17:57:17 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
alt-svc: h3=":443"; ma=86400
expires: Thu, 30 May 2024 20:11:54 GMT
last-modified: Tue, 25 Oct 2022 04:42:27 GMT
strict-transport-security: max-age=31536000;includeSubDomains
vary: Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 251124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOppBfvNf269PnR2JJIp11kfQ99MK2inNTscWydtpNX%2Fx7oEZvX%2BGKRjjGHrmVk12hrlZOPs%2FVKWt6Up1QMwUimfPuKPzEVj4gkkdJsZJBnamIlAtYTWTLicWcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e221f0b87156cb-OSL
content-encoding: br
X-Firefox-Spdy: h2

traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=comicdom.org

0.0.0.0

0 B

URL GET
traffic.alexa.com/graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=comicdom.org
IP
0.0.0.0:0
ASN
#0

Requested by
https://comicdom.org.atlaq.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /graph?w=260&h=190&o=f&c=1&y=q&b=f5f5f5&n=666666&r=2y&u=comicdom.org HTTP/1.1
Host: traffic.alexa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://comicdom.org.atlaq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (25)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash