Report - etfevent.live/event/

Report Overview

Submitted URL
etfevent.live/event/
IP
31.41.44.9
ASN
#56577 Relink LTD
Submitted
2024-04-26 06:18:46
Access
public
Website Title
Bitcoin Giveaway
Final URL
etfevent.live/event/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
etfevent.live	unknown	unknown	No data	No data	7.1 kB	1000 kB	31.41.44.9
cdn.pulse.is	unknown	2020-10-06	2023-07-28	2024-04-02	806 B	80 kB	18.193.126.142
cdn.matomo.cloud	26908	2017-09-08	2019-09-27	2024-04-25	417 B	46 kB	54.230.111.108
s3.eu-central-1.amazonaws.com	unknown	2005-08-18	2014-11-23	2024-04-25	488 B	943 B	52.219.171.185
myxrp.matomo.cloud	unknown	unknown	No data	No data	1.7 kB	518 B	3.126.133.169
	unknown				1.1 kB	478 B	52.194.116.28
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-24	512 B	1.2 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	etfevent.live/event/	Coinbase

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed
2024-04-26	medium	etfevent.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	etfevent.live/event/	581 B	2024-04-07	2024-04-26
Pretty URL etfevent.live/event/ IP 31.41.44.9 ASN #56577 Relink LTD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-07 20:10:15 Last Seen2024-04-26 08:19:02 Times Seen4 Hash fa5a6b8691f6be809de1f22a8613db52 9ce910f836bea7fb9dfb0a0dbf39fce6281339a0 9b1ec3d2ce86d4160e6e5452837159f989eb4983299ef5acaeee4d4d12b4dce9 Loading...

	etfevent.live/event/	1.5 kB	2024-04-07	2024-04-26
Pretty URL etfevent.live/event/ IP 31.41.44.9 ASN #56577 Relink LTD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-07 20:10:15 Last Seen2024-04-26 08:19:02 Times Seen4 Hash bfc94471c9a9fc3bb4a8c318c6e83a0c d05698cc3d6e821165d25504bf60438af5f29cdc 47289dd33eecfbaa04170e64a402351120dccc68da1e434333cc3fa4efc3fde4 Loading...

	cdn.pulse.is/livechat/loader.js	2.7 kB	2024-04-07	2024-04-26
Pretty URL cdn.pulse.is/livechat/loader.js IP 18.193.126.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 20:10:15 Last Seen2024-04-26 08:19:03 Times Seen8 Hash 7f138f84e622e6e7c9c4c6e42dd923f1 547e3ccb3e923418f5a9671e521f2a9885ae1283 406a41eed3f116a8442ea3f05a331e6c8f03b597869dea3f5e35366e37cf7e32 Loading...

	etfevent.live/event/source/js/jquery.min.js	90 kB	2023-03-07	2024-05-06
Pretty URL etfevent.live/event/source/js/jquery.min.js IP 31.41.44.9 ASN #56577 Relink LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-06 15:47:48 Times Seen266449 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	etfevent.live/event/source/js/config.js	49 B	2023-12-14	2024-04-26
Pretty URL etfevent.live/event/source/js/config.js IP 31.41.44.9 ASN #56577 Relink LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-14 03:35:53 Last Seen2024-04-26 08:19:03 Times Seen12 Hash f421a7b1e6bfc6c150cadcc041be4a77 2677197b6f47400335609c11c7b19d570e0b7d9e 37aab0173d5fb93bea9ccaebfdbad6aee891f639be3ae465ea9c8000b4f12f99 Loading...

	etfevent.live/event/source/js/main.js	6.2 kB	2024-04-07	2024-04-26
Pretty URL etfevent.live/event/source/js/main.js IP 31.41.44.9 ASN #56577 Relink LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-07 20:10:15 Last Seen2024-04-26 08:19:03 Times Seen8 Hash 39eb5b1b79645ccf71575e38bdf93dd6 2221ecf73eaac05915c67230b0dd6b9a53d397be bcf4d502813d75fdc734c43540ecbe1be0b80a4a4363560ef3fb5d3e6af1d91e Loading...

	cdn.matomo.cloud/myxrp.matomo.cloud/matomo.js	137 kB	2024-03-26	2024-04-27
Pretty URL cdn.matomo.cloud/myxrp.matomo.cloud/matomo.js IP 54.230.111.108 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-26 09:26:32 Last Seen2024-04-27 19:34:19 Times Seen61 Hash 08d8eb7b093edde4626db538c8e161e4 a97d95d69726ebe112200e637909ecfb227ed928 a32d06b250b15021d6bcd2119182e6e395e8896f58255ee42f1b94ee3198448c Loading...

	cdn.pulse.is/livechat/bundle.js	213 kB	2024-04-26	2024-04-26
Pretty URL cdn.pulse.is/livechat/bundle.js IP 18.193.126.142 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:18:53 Last Seen2024-04-26 08:19:03 Times Seen4 Hash 85f43a499d86187cab499581627059bb 15ff5476b2db27d438d5bcdb685f0b182ea4dbbc e2df0b7349c59e66048e7ebf8871cd2dcd23a6118c87ea607da952528d28bc1d Loading...

HTTP Transactions (23)

URL IP Response Size

etfevent.live/event/

31.41.44.9

200 OK

3.8 kB

URL User Request GET HTTP/1.1
etfevent.live/event/
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (301)
Size
3.8 kB (3761 bytes)
Hash
43562cad7692a811cac651f9630258ea
5bdae61753a6e7ddb81d99039c1db0fc649e6ef3
4146c5c688ee4cf8b695bbcd3576b5e02c48bc2fe6daa24160003578ea1add8e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Coinbase
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/ HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:21 GMT
Content-Type: text/html
Content-Length: 3761
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 01 Mar 2024 09:21:40 GMT
ETag: "4443-61295e7545732-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

etfevent.live/event/source/fonts/fonts.css

31.41.44.9

200 OK

1.1 kB

URL GET HTTP/1.1
etfevent.live/event/source/fonts/fonts.css
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
ASCII text
Size
1.1 kB (1085 bytes)
Hash
e61ea5d87c7eebae68b549653d20db84
bdef6e1e6032059acc9e230ae9361a1a1ff790ca
c6398e05c993aca56a9e135d450b68b6e39b79c11800aca1993fc24e46c549b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/fonts/fonts.css HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/css
Last-Modified: Fri, 01 Mar 2024 09:11:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65e19bb4-5fcb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

cdn.pulse.is/livechat/loader.js

18.193.126.142

200 OK

1.1 kB

URL GET HTTP/1.1
cdn.pulse.is/livechat/loader.js
IP
18.193.126.142:443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerSectigo Limited
Subject*.pulse.is
FingerprintCA:EC:C9:FE:8F:FE:17:97:4D:44:90:D2:55:7E:C0:17:06:B1:37:2A
ValiditySat, 10 Feb 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2705), with no line terminators
Size
1.1 kB (1130 bytes)
Hash
7f138f84e622e6e7c9c4c6e42dd923f1
547e3ccb3e923418f5a9671e521f2a9885ae1283
406a41eed3f116a8442ea3f05a331e6c8f03b597869dea3f5e35366e37cf7e32

HTTP Headers

GET /livechat/loader.js HTTP/1.1
Host: cdn.pulse.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-amz-id-2: ad5dqXS1v7LRfY0Y6EYR+PGKLqJHN0UJeAhRnIgLKFVvHl9vcG9lH9/jvYP+kt+SIWP8ekZZPng=
x-amz-request-id: DF30XP4Y8DJT1Q5K
Last-Modified: Wed, 24 Apr 2024 09:20:52 GMT
ETag: W/"7f138f84e622e6e7c9c4c6e42dd923f1"
x-amz-server-side-encryption: AES256
Content-Encoding: gzip

etfevent.live/event/source/css/style.css

31.41.44.9

200 OK

7.0 kB

URL GET HTTP/1.1
etfevent.live/event/source/css/style.css
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
Unicode text, UTF-8 text, with very long lines (2236)
Size
7.0 kB (6959 bytes)
Hash
896c7dfa54c1af252f3de17b424a89a0
55c4ad1f92f405a494b23cff0a4fa68968ebe191
4430586827408117a332818fc2b21164a9cc0d7dd52030d26c2a11656e98f414

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/css/style.css HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/css
Last-Modified: Fri, 01 Mar 2024 09:10:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65e19b85-bb81"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

etfevent.live/event/source/js/config.js

31.41.44.9

200 OK

49 B

URL GET HTTP/1.1
etfevent.live/event/source/js/config.js
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
ASCII text, with CRLF line terminators
Size
49 B (49 bytes)
Hash
f421a7b1e6bfc6c150cadcc041be4a77
2677197b6f47400335609c11c7b19d570e0b7d9e
37aab0173d5fb93bea9ccaebfdbad6aee891f639be3ae465ea9c8000b4f12f99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/js/config.js HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: application/javascript
Content-Length: 49
Last-Modified: Fri, 01 Mar 2024 09:10:33 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65e19b89-31"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

etfevent.live/event/source/js/main.js

31.41.44.9

200 OK

2.3 kB

URL GET HTTP/1.1
etfevent.live/event/source/js/main.js
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.3 kB (2256 bytes)
Hash
39eb5b1b79645ccf71575e38bdf93dd6
2221ecf73eaac05915c67230b0dd6b9a53d397be
bcf4d502813d75fdc734c43540ecbe1be0b80a4a4363560ef3fb5d3e6af1d91e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/js/main.js HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: application/javascript
Last-Modified: Fri, 01 Mar 2024 09:10:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65e19b8b-1843"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

etfevent.live/event/source/js/jquery.min.js

31.41.44.9

200 OK

31 kB

URL GET HTTP/1.1
etfevent.live/event/source/js/jquery.min.js
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/js/jquery.min.js HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: application/javascript
Last-Modified: Fri, 01 Mar 2024 09:10:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65e19b8a-15d9d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

etfevent.live/event/source/img/BTC.svg

31.41.44.9

404 Not Found

719 B

URL GET HTTP/1.1
etfevent.live/event/source/img/BTC.svg
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
HTML document, ASCII text
Size
719 B (719 bytes)
Hash
cf7699130cf8c58fefc3ba0d71e508fe
d9f3096841214d637092f55f6d08cf68661a889c
d93db5491e287a4ba0f2fb024091068d282426c475d538d992667966fa17627e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/img/BTC.svg HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65dfa9af-586"
Content-Encoding: gzip

etfevent.live/event/source/img/logo2.svg

31.41.44.9

200 OK

1.7 kB

URL GET HTTP/1.1
etfevent.live/event/source/img/logo2.svg
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
SVG Scalable Vector Graphics image
Size
1.7 kB (1705 bytes)
Hash
78b2915b21e673b15957e22970b36c40
d147dd4dde281e9c200ed77ecb29cdaf0f1377e6
126270d27d1ac1a29b8d7d01238377840fe79b70212bd230adc6b2d9da82bf38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/img/logo2.svg HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: image/svg+xml
Last-Modified: Fri, 01 Mar 2024 09:10:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65e19ba1-ecc"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

etfevent.live/event/source/img/hero.png

31.41.44.9

200 OK

53 kB

URL GET HTTP/1.1
etfevent.live/event/source/img/hero.png
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
PNG image data, 421 x 367, 8-bit/color RGBA, non-interlaced
Size
53 kB (52880 bytes)
Hash
ee333a7cb5b7c7df01f10dc93748c3be
1c24949867b07335116bb7e240662e70048771c7
e2517a3d2d26caf191d237ec9fd22d8abd8e01b71cceece2b58328537cb15ace

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/img/hero.png HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: image/png
Content-Length: 52880
Last-Modified: Fri, 01 Mar 2024 09:10:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65e19b96-ce90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

etfevent.live/event/source/css/fonts/Avenir.tff

31.41.44.9

404 Not Found

719 B

URL GET HTTP/1.1
etfevent.live/event/source/css/fonts/Avenir.tff
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
HTML document, ASCII text
Size
719 B (719 bytes)
Hash
cf7699130cf8c58fefc3ba0d71e508fe
d9f3096841214d637092f55f6d08cf68661a889c
d93db5491e287a4ba0f2fb024091068d282426c475d538d992667966fa17627e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/css/fonts/Avenir.tff HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/source/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Wed, 28 Feb 2024 21:46:23 GMT
ETag: W/"586-6127812ecb3f9"
Content-Encoding: gzip

cdn.pulse.is/livechat/bundle.js

18.193.126.142

200 OK

78 kB

URL GET HTTP/1.1
cdn.pulse.is/livechat/bundle.js
IP
18.193.126.142:443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerSectigo Limited
Subject*.pulse.is
FingerprintCA:EC:C9:FE:8F:FE:17:97:4D:44:90:D2:55:7E:C0:17:06:B1:37:2A
ValiditySat, 10 Feb 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (29753)
Size
78 kB (78071 bytes)
Hash
85f43a499d86187cab499581627059bb
15ff5476b2db27d438d5bcdb685f0b182ea4dbbc
e2df0b7349c59e66048e7ebf8871cd2dcd23a6118c87ea607da952528d28bc1d

HTTP Headers

GET /livechat/bundle.js HTTP/1.1
Host: cdn.pulse.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-amz-id-2: +ewWMVOYNS0wvWSkM+Vw5bPuorM2MW7HUWaFNoJyCNncwmmzURzlCNxRHTObTmE2KiUiuZzfyW4=
x-amz-request-id: DF3FCXVAVMN3M9QT
Last-Modified: Wed, 24 Apr 2024 09:20:51 GMT
ETag: W/"85f43a499d86187cab499581627059bb"
x-amz-server-side-encryption: AES256
Content-Encoding: gzip

cdn.matomo.cloud/myxrp.matomo.cloud/matomo.js

54.230.111.108

200 OK

45 kB

URL GET HTTP/2
cdn.matomo.cloud/myxrp.matomo.cloud/matomo.js
IP
54.230.111.108:443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerAmazon
Subjectcdn.matomo.cloud
Fingerprint82:AD:7C:C7:03:79:96:F4:55:20:84:14:6B:42:42:99:FB:DC:33:DD
ValidityFri, 27 Oct 2023 00:00:00 GMT - Sat, 23 Nov 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
45 kB (45438 bytes)
Hash
8cc5a4feb3ef6eb9421a20994a5f7897
e10fcb3b2649764a50bcd896df888ccfec428071
73fdb0f774a107b9757e8b128e779f8a98321ca0a724efc8d197e251bf1c4bd0

HTTP Headers

GET /myxrp.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: CloudFront
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:18:23 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 21 Mar 2024 01:03:08 GMT
etag: W/"08d8eb7b093edde4626db538c8e161e4"
cache-control: max-age=691200
x-amz-version-id: 7W7PTuBtVkA.aQR8m5NPCgSMGULIg3W1
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eAwC-pUsNPCBQWmTrdtpvCsHFb-LliAqgdJhGbQLRUHRBdV0qUQ3dw==
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

etfevent.live/event/wallets.txt

31.41.44.9

200 OK

2.7 kB

URL GET HTTP/1.1
etfevent.live/event/wallets.txt
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2662 bytes)
Hash
2bfe3788636a53774cfa39ca019bf49a
af4ac48ad4f9a395fd8bb3c39447021e66578900
faa2238a119ad7e1f1df083e6b788e81c9fac7591a7888e0ab1784c3a1b07d5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/wallets.txt HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etfevent.live/event/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: text/plain
Last-Modified: Fri, 01 Mar 2024 09:10:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
ETag: W/"65e19b7c-e0c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

etfevent.live/event/source/img/Wallet.png

31.41.44.9

200 OK

596 kB

URL GET HTTP/1.1
etfevent.live/event/source/img/Wallet.png
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
PNG image data, 724 x 1378, 8-bit/color RGBA, non-interlaced
Size
596 kB (596467 bytes)
Hash
e10970b0d792bf83353a25c7014b0d59
eac9e19671c186925becaa2a8095ce35eeb13e47
25470f4e32484a9c6b9885e585092b936ea8a4d904e68d286b48b307a46900b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/img/Wallet.png HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: image/png
Content-Length: 596467
Last-Modified: Fri, 01 Mar 2024 09:10:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65e19b95-919f3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

s3.eu-central-1.amazonaws.com/live-chat.sendpulse.prod/bots/65dee38604380d8db60df73c.json

52.219.171.185

200 OK

364 B

URL GET HTTP/1.1
s3.eu-central-1.amazonaws.com/live-chat.sendpulse.prod/bots/65dee38604380d8db60df73c.json
IP
52.219.171.185:443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerAmazon
Subject*.s3.eu-central-1.amazonaws.com
FingerprintCE:EB:FB:73:EF:D1:27:E6:82:B0:89:AF:9E:8F:2D:05:8D:6C:12:C7
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
364 B (364 bytes)
Hash
7349c37d0de3ccbe9da8720e27401c79
0153d11e3fa37b56b8b81af95a970dc600e91627
39dc80e39b2138286c2840a3c0023df342d869595d2fff6df13ccfddd20881ef

HTTP Headers

GET /live-chat.sendpulse.prod/bots/65dee38604380d8db60df73c.json HTTP/1.1
Host: s3.eu-central-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://etfevent.live/
Origin: https://etfevent.live
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: aD+IwVxmR89x/5rOO7PDwVDLrEi8vXhnRQcWlBhVcI+a+g1yURHPn/nBxx8ETpzUm6rUaqZqOAg=
x-amz-request-id: DF3ACQBHJTXB6KF1
Date: Fri, 26 Apr 2024 06:18:23 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Fri, 29 Mar 2024 07:24:22 GMT
ETag: "7349c37d0de3ccbe9da8720e27401c79"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 364

myxrp.matomo.cloud/matomo.php?action_name=Bitcoin%20Giveaway&idsite=3&rec=1&r=724374&h=6&m=18&s=22&url=https%3A%2F%2Fetfevent.live%2Fevent%2F&_id=19150962034d61b3&_idn=1&send_image=0&_refts=0&pv_id=Ew4da1&pf_net=359&pf_srv=76&pf_tfr=1&pf_dm1=570&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024

3.126.133.169

204 No Content

0 B

URL POST HTTP/2
myxrp.matomo.cloud/matomo.php?action_name=Bitcoin%20Giveaway&idsite=3&rec=1&r=724374&h=6&m=18&s=22&url=https%3A%2F%2Fetfevent.live%2Fevent%2F&_id=19150962034d61b3&_idn=1&send_image=0&_refts=0&pv_id=Ew4da1&pf_net=359&pf_srv=76&pf_tfr=1&pf_dm1=570&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
IP
3.126.133.169:443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerAmazon
Subject*.matomo.cloud
Fingerprint53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD
ValidityWed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?action_name=Bitcoin%20Giveaway&idsite=3&rec=1&r=724374&h=6&m=18&s=22&url=https%3A%2F%2Fetfevent.live%2Fevent%2F&_id=19150962034d61b3&_idn=1&send_image=0&_refts=0&pv_id=Ew4da1&pf_net=359&pf_srv=76&pf_tfr=1&pf_dm1=570&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: myxrp.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://etfevent.live
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 06:18:22 GMT
server: Apache
access-control-allow-origin: https://etfevent.live
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2

etfevent.live/event/source/img/Coinbase%20WC.svg

31.41.44.9

200 OK

481 B

URL GET HTTP/1.1
etfevent.live/event/source/img/Coinbase%20WC.svg
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
SVG Scalable Vector Graphics image
Size
481 B (481 bytes)
Hash
7378ba3fcf4ec360f47ffee7c850b1cb
e10367daa27fdee456d35447ac91ce2c63aef29f
def36de6172bf182fe4aab16b42419048cfb9892287d50d540cbbcfc22d4efd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/source/img/Coinbase%20WC.svg HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Cookie: _pk_id.3.e5a5=19150962034d61b3.1714112303.; _pk_ses.3.e5a5=1; sbjs_migrations=1418474375998%3D1; sbjs_current_add=fd%3D2024-04-26%2006%3A18%3A22%7C%7C%7Cep%3Dhttps%3A%2F%2Fetfevent.live%2Fevent%2F%7C%7C%7Crf%3D%28none%29; sbjs_first_add=fd%3D2024-04-26%2006%3A18%3A22%7C%7C%7Cep%3Dhttps%3A%2F%2Fetfevent.live%2Fevent%2F%7C%7C%7Crf%3D%28none%29; sbjs_current=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_first=typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29; sbjs_udata=vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0; sbjs_session=pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fetfevent.live%2Fevent%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: image/svg+xml
Content-Length: 481
Last-Modified: Fri, 01 Mar 2024 09:10:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65e19b98-1e1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes

stream.binance.com:9443/ws/btcusdt@ticker

52.194.116.28

0 B

URL
stream.binance.com:9443/ws/btcusdt@ticker
IP
52.194.116.28:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws/btcusdt@ticker HTTP/1.1
Host: stream.binance.com:9443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://etfevent.live
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MxewWj0qSkeoKw9VMvpdKA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 26 Apr 2024 06:18:24 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: loOyeYqXv3TIhhYv0OepvVNS9rY=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover

myxrp.matomo.cloud/matomo.php?ma_id=OuVpAY&ma_ti=&ma_pn=html5video&ma_mt=Video&ma_re=https%3A%2F%2Fetfevent.live%2Fevent%2F1.mp4&ma_st=0&ma_ps=0&ma_le=90&ma_ttp=&ma_w=1280&ma_h=720&ma_fs=0&ma_se=&ca=1&&idsite=3&rec=1&r=445425&h=6&m=18&s=22&url=https%3A%2F%2Fetfevent.live%2Fevent%2F&_id=19150962034d61b3&_idn=0&send_image=0&_refts=0&pv_id=Ew4da1&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024

3.126.133.169

204 No Content

0 B

URL POST HTTP/2
myxrp.matomo.cloud/matomo.php?ma_id=OuVpAY&ma_ti=&ma_pn=html5video&ma_mt=Video&ma_re=https%3A%2F%2Fetfevent.live%2Fevent%2F1.mp4&ma_st=0&ma_ps=0&ma_le=90&ma_ttp=&ma_w=1280&ma_h=720&ma_fs=0&ma_se=&ca=1&&idsite=3&rec=1&r=445425&h=6&m=18&s=22&url=https%3A%2F%2Fetfevent.live%2Fevent%2F&_id=19150962034d61b3&_idn=0&send_image=0&_refts=0&pv_id=Ew4da1&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024
IP
3.126.133.169:443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerAmazon
Subject*.matomo.cloud
Fingerprint53:3D:4D:D3:BE:99:58:2D:15:19:20:CA:14:65:7A:20:AF:49:6F:CD
ValidityWed, 21 Jun 2023 00:00:00 GMT - Fri, 19 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /matomo.php?ma_id=OuVpAY&ma_ti=&ma_pn=html5video&ma_mt=Video&ma_re=https%3A%2F%2Fetfevent.live%2Fevent%2F1.mp4&ma_st=0&ma_ps=0&ma_le=90&ma_ttp=&ma_w=1280&ma_h=720&ma_fs=0&ma_se=&ca=1&&idsite=3&rec=1&r=445425&h=6&m=18&s=22&url=https%3A%2F%2Fetfevent.live%2Fevent%2F&_id=19150962034d61b3&_idn=0&send_image=0&_refts=0&pv_id=Ew4da1&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1280x1024 HTTP/1.1
Host: myxrp.matomo.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://etfevent.live
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 06:18:25 GMT
server: Apache
access-control-allow-origin: https://etfevent.live
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=LAvK9mAAqG9LPrjCP4MUXTtVvESLQHkyFszZ2huIx3n3b9jVqov_GjqoBVEfSt9OrCyx2TVR1sBcaemycFpxALBN4l-hc02WeMGKj_EAvLLPNif6OkcMQr9WTrtlXiFW
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 26 Apr 2024 06:18:39 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 1
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

stream.binance.com:9443/ws/btcusdt@ticker

52.194.116.28

101 Switching Protocols

0 B

URL GET HTTP/1.1
stream.binance.com:9443/ws/btcusdt@ticker
IP
52.194.116.28:9443
ASN
#16509 AMAZON-02

Requested by
https://etfevent.live/event/
Certificate
IssuerDigiCert Inc
Subject*.binance.com
Fingerprint9B:8A:1F:BC:5D:B7:2C:25:77:E2:84:EA:7F:03:7A:89:D7:D5:E9:44
ValidityThu, 11 Jan 2024 00:00:00 GMT - Mon, 10 Feb 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ws/btcusdt@ticker HTTP/1.1
Host: stream.binance.com:9443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://etfevent.live
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MxewWj0qSkeoKw9VMvpdKA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 26 Apr 2024 06:18:24 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: loOyeYqXv3TIhhYv0OepvVNS9rY=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover

etfevent.live/event/1.mp4

31.41.44.9

206 Partial Content

294 kB

URL GET HTTP/1.1
etfevent.live/event/1.mp4
IP
31.41.44.9:443
ASN
#56577 Relink LTD

Requested by
https://etfevent.live/event/
Certificate
IssuerLet's Encrypt
Subjectetfevent.live
Fingerprint6B:E0:63:E4:CB:F9:7A:70:85:1B:00:70:49:01:9D:F5:B2:CB:9C:E1
ValidityWed, 28 Feb 2024 20:47:45 GMT - Tue, 28 May 2024 20:47:44 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
294 kB (294541 bytes)
Hash
0ef23f656d01650970601fc7e8fb65c8
c7b622cb952816d19b1ea3075d202401c39c1aca
ee1f8d142f34f967c02f0507db403f5891e4fc993b4865f66cc3ad86704fa892

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /event/1.mp4 HTTP/1.1
Host: etfevent.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://etfevent.live/event/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Fri, 26 Apr 2024 06:18:22 GMT
Content-Type: video/mp4
Content-Length: 47101688
Last-Modified: Fri, 01 Mar 2024 09:11:02 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "65e19ba6-2ceb6f8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Range: bytes 0-47101687/47101688

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML