Report - thisnot.business/player.php?id=Uno_ITindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

Report Overview

Visited public
2024-12-31 06:53:26
Tags
URL
thisnot.business/player.php?id=Uno_ITindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Finishing URL
thisnot.business/index.php
IP / ASN
172.67.160.169
#13335 CLOUDFLARENET
Title
Eventi Sportivi

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
thisnot.business	unknown	2024-12-03	2024-12-20	2024-12-20	3.7 kB	96 kB	188.114.97.1
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-25	432 B	28 kB	104.17.25.14
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-12-25	496 B	86 kB	104.16.80.73
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-12-25	888 B	194 kB	104.18.11.207
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-12-25	964 B	135 kB	172.67.142.245
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2024-12-25	433 B	88 kB	142.250.74.138
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-04-05	2024-12-25	455 B	142 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-31	medium	thisnot.business	Sinkholed
2024-12-31	medium	thisnot.business	Sinkholed
2024-12-31	medium	thisnot.business	Sinkholed
2024-12-31	medium	thisnot.business	Sinkholed
2024-12-31	medium	thisnot.business	Sinkholed
2024-12-31	medium	thisnot.business	Sinkholed
2024-12-31	medium	thisnot.business	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-06-01
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-06-01 07:11 Times Seen54531 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	unknown	ScriptElement	49 B	2024-12-31	2025-03-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-31 06:53 Last Seen2025-03-07 17:33 Times Seen3 Hash d868a19935dcf4083cbffed96fcf14e8 93e0f852f05396e44883e7ba2efc0898627baadb 72b5f15716ff2af0d6a53920faac498d652f60d09ef8bf7d6a2448b7720705fb Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-31
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-31 02:50 Times Seen1022 Hash eb5fac582a82f296aeb74900b01a2fa3 fffea98e12e63b66693d567315a2f32392b780b0 c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-06-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-01 06:18 Times Seen37118 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-06-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-01 06:55 Times Seen58700 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	thisnot.business/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-06-01
Pretty URL thisnot.business/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-01 06:30 Times Seen32388 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

HTTP Transactions (15)

URL IP Response Size

thisnot.business/loghi/logo.png

188.114.97.1

200 OK

5.8 kB

URL GET HTTP/3
thisnot.business/loghi/logo.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
5.8 kB (5772 bytes)
Hash
d02d7bd19afbec2df6b1798acf4277d9
1257a9d5cc6d7d57a1bf2d5055c2430552f65734
d33f909843700cef82c6cb03c248f5ec53c1ca89980602a5f30523dc73024b9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /loghi/logo.png HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/index.php
Cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: image/png
content-length: 5772
cache-control: public, max-age=604800
expires: Thu, 02 Jan 2025 14:29:19 GMT
last-modified: Wed, 04 Dec 2024 13:33:34 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 404621
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3y72sjniCBIVjP3snZj1rS95NbqJrIdSZmekcU7E7w9ycEu5AqOSJgz8yLkmlVVu%2F9xGBu3IBCYWZPEBRhbBI5XX7ZN%2B9Ev%2FHGwDjSleEsC4zWS%2FEJ8LwaNL4rGE77q63sRn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa8599ffcc856c4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3237&min_rtt=2284&rtt_var=1327&sent=22&recv=11&lost=0&retrans=0&sent_bytes=11279&recv_bytes=1935&delivery_rate=15535&cwnd=12000&unsent_bytes=0&cid=1d02a0975714ea8b&ts=570&x=1", cfExtPri, cfHdrFlush;dur=0

thisnot.business/loghi/backg.jpg

188.114.97.1

200 OK

38 kB

URL GET HTTP/3
thisnot.business/loghi/backg.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1200, components 3
Size
38 kB (38456 bytes)
Hash
ba911ab31416f0442f6c612f6791bf6e
9ad6ee70048d2ee4d0356699cc37829b61f0d772
bc539e71970aabcc499c887d91ffdf04e36dcadf3e22394b58f6170ea970a11a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /loghi/backg.jpg HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/index.php
Cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 06:53:01 GMT
content-type: image/jpeg
content-length: 38456
cache-control: public, max-age=604800
expires: Thu, 02 Jan 2025 14:29:19 GMT
last-modified: Mon, 18 Dec 2023 19:50:36 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 404622
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSavznxkxLq58jiFUMnI6XxWh30jX7sq8YlyKGiz00fCM8JIFYXdQs9AruF0KZzac8X2vbJMKJ7NZqgPVewYlihjr8RZEwtlV6xtPeig8k0kJxTJD4InY3%2FA85NCOP1mGTjf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa859a1bdfb56c4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3947&min_rtt=2284&rtt_var=2025&sent=29&recv=14&lost=0&retrans=0&sent_bytes=17962&recv_bytes=2338&delivery_rate=1048521&cwnd=12000&unsent_bytes=0&cid=1d02a0975714ea8b&ts=850&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
27 kB (27277 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 06:53:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 796492
expires: Sun, 21 Dec 2025 06:53:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dCp%2BsYGr%2Fwrm6CBypLIDZgarXpm9b8kbSkj10xQNqauLeLkn8LnR0ldk1LI2sVTq6EtuNtw%2BjoWxxkiaFXoZ2yv6OB1zVJ5EXT9TMbWxksCXO9z7Ycca%2F%2F8lwXJIyqR%2BzssDrDtj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8fa859a22e5b712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.80.73

200 OK

86 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
Fingerprint68:D3:62:56:06:F9:32:39:3B:2D:19:7E:B1:45:4B:2C:76:5F:73:C6
ValidityMon, 30 Dec 2024 10:58:15 GMT - Sun, 30 Mar 2025 11:58:10 GMT

File type
gzip compressed data, from Unix
Size
86 kB (85950 bytes)
Hash
48daed258c6d6a792fb90f2a77108c1b
fad78c962130b68b40dc30c8e8fe0e0c80a442fb
10309a8ff1cbe964d147d2439906c7f9c7a50c248af7c5db9e14ea3dbd8feb19

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thisnot.business
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa859a07f7fb4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

thisnot.business/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.97.1

200 OK

34 kB

URL GET HTTP/3
thisnot.business/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type
JavaScript source, ASCII text, with very long lines (53119)
Size
34 kB (34285 bytes)
Hash
14014da0beace65811e91d32fbdd9c60
57adcbe1294ad52c3c9bd6cdbed929b8ff732240
ce3e103a2314b3535d551e4180c17402e1b1508c3f3c9e76b8be90eeece64de4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/index.php
Cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
etag: W/"675318bd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCTaYb21mksDtgwc2dW9R4Nellnb%2B1xEsWb2sw%2FIGn3cBvG%2BFfwiiIO7vJDzCrHp7LphL7DbKc4D1TgxxvVrSus%2Bcye8eEFFLpAJzyggtk5yYmPXcUw7TCXxOSNnM3%2BtX614"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa8599ffcca56c4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 02 Jan 2025 06:53:00 GMT
cache-control: max-age=172800, public
content-encoding: gzip

thisnot.business/cdn-cgi/rum?

188.114.97.1

204 No Content

0 B

URL POST HTTP/3
thisnot.business/cdn-cgi/rum?
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1371
Origin: https://thisnot.business
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/index.php
Cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 31 Dec 2024 06:53:01 GMT
access-control-allow-origin: https://thisnot.business
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8fa859a3bf3c56c4-OSL
x-frame-options: DENY
x-content-type-options: nosniff

thisnot.business/index.php

188.114.97.1

200 OK

5.0 kB

URL User Request GET HTTP/3
thisnot.business/index.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type
HTML document, ASCII text, with very long lines (5546), with no line terminators
Size
5.0 kB (4994 bytes)
Hash
6b112a939afe4e226df3d72c8368b34d
818e578c1c24a1bad18fdff2ea4534c80e31501e
efa680f95368f34393284f6583aabfd3ec13d1bec2b6bc1603340cea0da7afdc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index.php HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPaTyjQZbMMlaOhY5vwXKS6KvVVyVxePBcTHBPXtLrahXtPzdFrjqMijASjFesTPm48DDoeGk%2Bw0KTnHOikWB92DqjedcUXk7njHunF9KZzksMaFbP8GUn5gAjvBHQtleshw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa8599c8ab756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=QUIC&rtt=3373&min_rtt=3286&rtt_var=1406&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4211&recv_bytes=1261&delivery_rate=159839&cwnd=12000&unsent_bytes=0&cid=1d02a0975714ea8b&ts=180&x=1", cfExtPri, cfHdrFlush;dur=0

maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css

104.18.11.207

200 OK

141 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint4C:46:68:E4:35:94:CF:F1:17:E4:0B:28:EF:F8:44:64:A1:01:5A:ED
ValidityMon, 18 Nov 2024 00:43:34 GMT - Sun, 16 Feb 2025 00:43:33 GMT

File type
ASCII text, with very long lines (65324)
Size
141 kB (140930 bytes)
Hash
a7022c6fa83d91db67738d6e3cd3252d
1ae238d0c533b209ea5becf4317e13237ed3d42e
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

HTTP Headers

GET /bootstrap/4.1.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"a7022c6fa83d91db67738d6e3cd3252d"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 03/18/2024 12:49:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1077
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: b6c416a53c293df68cafaccf70e47b59
cdn-cache: HIT
cf-cache-status: HIT
age: 3121681
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8fa859a048ea56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

thisnot.business/player.php?id=Uno_ITindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

188.114.97.1

302 Found

5.0 kB

URL User Request GET HTTP/2
thisnot.business/player.php?id=Uno_ITindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type

Size
5.0 kB (4994 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /player.php?id=Uno_ITindex.phpindex.phpindex.phpindex.phpindex.phpindex.php HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: text/html; charset=UTF-8
location: index.php
set-cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7%2B7rWhpdRLD8S%2F8w%2BRIWs%2BxC4DJjouyEL1jAi%2Byw42RxaXMElTyCKPc5oyYEKTbAMAV0xJGyrFpmpu53JQ%2F18r3PyFScP2M14Rb3dkmhJgSmELriHw9etiKOqasCQtR8HhG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa8599b786356aa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=5852&min_rtt=629&rtt_var=10295&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3289&recv_bytes=1301&delivery_rate=5648894&cwnd=254&unsent_bytes=0&cid=05eeeeb18194ac2f&ts=169&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.6.1/css/all.css

172.67.142.245

200 OK

54 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.1/css/all.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0
ValidityThu, 07 Nov 2024 23:24:31 GMT - Thu, 06 Feb 2025 00:24:26 GMT

File type
ASCII text, with very long lines (53556)
Size
54 kB (53741 bytes)
Hash
b8085bf2c839791244bd95f56fb93c01
9d272f6a226adc587b4c3e470cc146edd8c92f75
453893f7daa3d8fe9716f8c6d0f36f8ade8cacfc0093e164f4f998b46427959e

HTTP Headers

GET /releases/v5.6.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"b8085bf2c839791244bd95f56fb93c01"
last-modified: Fri, 22 Sep 2023 01:45:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 536350
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PHFbpiKQMJgjoLeynWg0R8oowE%2BiMqo92ZFC4zpcBuc%2F2E4psj0jajEAXC46IwOqBduDiVt2PauFDwHVzM%2B%2B4fjWUIN0npvjMRLDdO8XsalgvwHeJXVZAVYdqtoJRe%2FpY3CHU0eU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa859a06f3e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1080&min_rtt=464&rtt_var=706&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3201&recv_bytes=1083&delivery_rate=7180165&cwnd=253&unsent_bytes=0&cid=2134ca59f4d782cd&ts=57&x=0"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

142.250.74.138

200 OK

87 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Dec 2024 02:27:46 GMT
expires: Wed, 31 Dec 2025 02:27:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 15915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint4C:46:68:E4:35:94:CF:F1:17:E4:0B:28:EF:F8:44:64:A1:01:5A:ED
ValidityMon, 18 Nov 2024 00:43:34 GMT - Sun, 16 Feb 2025 00:43:33 GMT

File type
JavaScript source, ASCII text, with very long lines (50450)
Size
51 kB (50731 bytes)
Hash
eb5fac582a82f296aeb74900b01a2fa3
fffea98e12e63b66693d567315a2f32392b780b0
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

HTTP Headers

GET /bootstrap/4.1.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 31 Dec 2024 06:53:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: gzip
etag: W/"eb5fac582a82f296aeb74900b01a2fa3"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 10/31/2023 18:58:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d3d4745028d9f7186555b357cb08405f
cdn-cache: HIT
cf-cache-status: HIT
age: 6080892
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8fa859a1cab7b511-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.11.207

200 OK

141 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint4C:46:68:E4:35:94:CF:F1:17:E4:0B:28:EF:F8:44:64:A1:01:5A:ED
ValidityMon, 18 Nov 2024 00:43:34 GMT - Sun, 16 Feb 2025 00:43:33 GMT

File type
ASCII text, with very long lines (65324)
Size
141 kB (140936 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 06:53:00 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 4bce7a1384a64f479376dd5531d3b672
cdn-cache: HIT
cf-cache-status: HIT
age: 1140060
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8fa859a0690056c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2

172.67.142.245

200 OK

79 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.1/webfonts/fa-solid-900.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0
ValidityThu, 07 Nov 2024 23:24:31 GMT - Thu, 06 Feb 2025 00:24:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79072, version 1.0
Size
79 kB (79072 bytes)
Hash
59ea9019c9b9bc4d83ab9783e830735c
fa1fcc52e59615a6f131b9b2eff1638f0138c617
08aa3a5ee68a21d5771a70b20495b6da1c0f996c46982cd1b0447ad2db730d11

HTTP Headers

GET /releases/v5.6.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thisnot.business
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 31 Dec 2024 06:53:01 GMT
content-type: font/woff2
content-length: 79072
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "59ea9019c9b9bc4d83ab9783e830735c"
last-modified: Fri, 22 Sep 2023 01:45:43 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 156972
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKiPqWRXFPx8i9%2F3tMJrXBogBQEOwyuFhPSGqNezIvLEpKAjQ%2BACeJ7xcJcwN1ScPe7wENI6UnjJvAqymPnk5E3mVtbPlfyYSPEcTl7mvOs1jx4PyHJn6%2B1DCywWgc7D3198LiMr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fa859a26db9b51d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=698&min_rtt=463&rtt_var=502&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3202&recv_bytes=1146&delivery_rate=7715808&cwnd=254&unsent_bytes=0&cid=9fc49c3c5a12327c&ts=64&x=0"
X-Firefox-Spdy: h2

thisnot.business/favicon.ico

188.114.97.1

404 Not Found

1.2 kB

URL GET HTTP/3
thisnot.business/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://thisnot.business/index.php
Certificate
IssuerGoogle Trust Services
Subjectthisnot.business
Fingerprint65:22:89:3F:AE:48:B5:20:1E:65:3F:95:89:A8:8C:CA:79:E6:4E:4A
ValidityWed, 04 Dec 2024 12:10:30 GMT - Tue, 04 Mar 2025 12:10:29 GMT

File type
HTML document, ASCII text, with very long lines (1276), with no line terminators
Size
1.2 kB (1238 bytes)
Hash
24b426fea67958554911ff4c943fdfe4
b92889146d4c1bbddccabe58ca15c814ea066f72
335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: thisnot.business
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thisnot.business/index.php
Cookie: PHPSESSID=1848949c65d11fc95048aa34751c2ed4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Tue, 31 Dec 2024 06:53:01 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMV9vPIgm93o49FkkhBFSGsm8TpytXxuMU5tiGWjA5PKsk7g%2BwlODdozrdi6jRjwZjA%2F7n%2Bf2mG7fe5O7NLueHldbAJCgbUbu6O%2BCxPfM0q3eN5tx50En%2FEH8vh00gDJN0eO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fa859a39f2656c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7897&min_rtt=2284&rtt_var=7745&sent=66&recv=21&lost=0&retrans=0&sent_bytes=58326&recv_bytes=4546&delivery_rate=3436&cwnd=48000&unsent_bytes=0&cid=1d02a0975714ea8b&ts=1290&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash