Report - grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93__

Report Overview

Visited public
2023-12-11 12:28:17
Tags
URL
grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Finishing URL
grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
IP / ASN
139.45.197.162
#9002 RETN Limited
Title
Your Device can work faster!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
grartoamp.com	unknown	2023-11-30	2023-11-30 16:42:39	2023-12-10 05:23:39	6.4 kB	33 kB	139.45.197.162
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-12-10 17:58:57	975 B	1.5 kB	139.45.195.8
datatechone.com	unknown	2021-12-24	2015-06-17 15:52:19	2023-12-05 23:02:13	538 B	464 B	37.48.68.71
littlecdn.com	11785	2019-06-04	2019-06-04 12:44:02	2023-12-09 18:44:17	1.4 kB	158 kB	104.22.25.116
cdntechone.com	64371	2021-12-24	2021-12-24 18:09:58	2023-12-10 05:18:59	411 B	20 kB	172.67.138.133

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-11	medium	grartoamp.com	Sinkholed
2023-12-11	medium	datatechone.com	Sinkholed
2023-12-11	medium	grartoamp.com	Sinkholed
2023-12-11	medium	grartoamp.com	Sinkholed
2023-12-11	medium	grartoamp.com	Sinkholed
2023-12-11	medium	grartoamp.com	Sinkholed
2023-12-11	medium	grartoamp.com	Sinkholed
2023-12-11	medium	grartoamp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	32 B	2023-03-13	2024-12-01
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 19:53 Last Seen2024-12-01 14:47 Times Seen738 Hash 4e5e8fb36d83dde24fb98e62a9779375 da75c65907e31036bfef95ac91601b3d748c1344 5c68e3331e69338f026762bb1b00dc710d7fe9c4eb0ae299d534010aa9ab33ab Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	679 B	2023-09-30	2024-08-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-30 06:56 Last Seen2024-08-21 05:28 Times Seen5057 Hash 81f2b3d0597f5fb3e59f0de7c72e56b0 f7fe43ee0344359c42a4501460b2d06dfcbeb46a 5fe54923fddbb41708ee1edb5375baafddf99ddca22cbb74e0350e498cbf4b3e Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	1.0 kB	2023-09-15	2025-01-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 06:48 Last Seen2025-01-21 11:42 Times Seen6367 Hash 1e000d88343060c761e3d7ae644a8732 98f67005a3b038378596137e93681310c394d980 cea17ebf90b967d519365b4f2c3a89f73e6b70003e81841d6b8696df4304210e Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	2.4 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash e1b5dd0e2437817022c28ce88bec1713 60ec202f7082e04486af8d59abc398679108c723 3f70de1e711eb81a7e9e3f8ee25cee04e6f2d833888715eae7519fd536b092c4 Loading...

	grartoamp.com/pfe/current/micro.tag.min.js?uhd=1&z=6304462&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var=6635775&sw=/sw-check-permissions/6304462&var_3=19644116_431655&os_version=10.0	ScriptElement	27 kB	2023-11-02	2024-08-20
Pretty URL grartoamp.com/pfe/current/micro.tag.min.js?uhd=1&z=6304462&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var=6635775&sw=/sw-check-permissions/6304462&var_3=19644116_431655&os_version=10.0 IP 139.45.197.162 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 09:44 Last Seen2024-08-20 21:23 Times Seen8998 Hash 5ccd2d5882a06f293d07510ac91c92e6 b44dc0eaa03981adb70d3313e728f9359c1d21c1 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba Loading...

	cdntechone.com/stattag.js	ScriptElement	19 kB	2023-09-07	2024-08-21
Pretty URL cdntechone.com/stattag.js IP 172.67.138.133 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 10:30 Last Seen2024-08-21 07:21 Times Seen1442 Hash 8ec0c661780569e42736cfc20e4c69d7 0d857c9b9813975179cf323a344c934bcae598c6 38831e62c2e99f2f64b0352f13ef7daaa7c97e31dac314bb52caa89a6a7f58f5 Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	2.1 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash e60e8f05a70d30778f06e44098140091 c44d6d1519fc18fe3d9358f165e59d56d456d412 5cc74b7d678ec936aae425949a4ab23a66cd74f5f10b02fa1f2b05517080360d Loading...

	littlecdn.com/apps/templates/applab/btstrp-app/src/assets/bootstrap.min.js	ScriptElement	60 kB	2023-10-23	2024-08-21
Pretty URL littlecdn.com/apps/templates/applab/btstrp-app/src/assets/bootstrap.min.js IP 104.22.25.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-23 22:20 Last Seen2024-08-21 03:41 Times Seen79 Hash 5276f4969182991f6d6ad117edbebda0 626e383729ba2289931daea38fae56d7f2a78be8 e3b9d28d4f701764b8a2ca030b96f5ab1b1967d3ce10aa044db1066128106f1d Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	38 B	2023-03-13	2025-01-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 22:51 Last Seen2025-01-21 11:42 Times Seen5557 Hash 3ea1379d18e4ec6bccefeba76a1b33b4 90afb068cee6917494ddd820bcb2fe44de7e5e43 15c832dee58f1c08fb6bf51935a10f95cb0482d19441cefbb469a82278e54bae Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	11 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash a77233ab84525ffc9c53bbdad9d5bb26 e6891427f9a5c248b440080e1f0bfcd446ee3171 8769d67f6526ff029cf0ca833d2f4d6b49e58695c2671604ffc5003d08619f7d Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	432 B	2023-08-15	2025-01-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-15 17:07 Last Seen2025-01-21 11:42 Times Seen6382 Hash a68df917a9d58006028bbbc7b6f30aa0 8412b7650e9351c4826eee83dc944ab8e7a5a660 003c5bfe078f1901b11f14e32f824a1696e54b3a72cd7462395986063f0cd571 Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	4.1 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash 5c822519b52b9cfc4b40cf06225f4e12 41456b8a131d9bff21ef2654c7e492f42f63a725 238c96ba62345b9d746eb09ae1cbbc4e2c57fe88d44e170279c97b9a6c4686e8 Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	489 B	2023-03-07	2024-08-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2024-08-21 09:42 Times Seen4398 Hash b59d52e5c8c1c905dd20084f27bc5261 492b79822be8f2f1d46714e43274e2500de5c0c5 4795baeddefb045a60541029990e6da282eb7d0cb2f9d20da866382567029649 Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	27 B	2023-03-07	2025-01-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27 Last Seen2025-01-21 11:42 Times Seen2810 Hash dcdca1271ff14fa2a37aac2fdd562ad7 6f8d97801b33f24f2a736c00e1bc5805d9fd5eb7 66d82b0643143d1e9fa6ec2c7e07af701b2b274bc4db74b60ee4dcf5862d229c Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	6.7 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash b66e13bf398221647c722204f6d44ea6 c09dd9786ecc09d9fa129783cdf56c60af00f029 89c85e9c2bc2904e391f6d34199153e224b77369361c4c0bf75d719c1cb12d9c Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	72 B	2023-03-07	2024-08-21
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 15:07 Last Seen2024-08-21 03:41 Times Seen79 Hash 82bd2c6d4fcef804c5931a70b0af10f7 2b2ebc1ab9f2f81dd7211160b19f885172c38def c6dd204e94afea4f45c9dcbcc14f22872d0f3455b80a804007fe2de260c73d92 Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	4.0 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash 0ce45e794c4cee3c80a6943fc61422d2 09d406f177df5aa9d5eb0556cdd784a7bec5ba63 489731368edd5b711f577d7769b292049740bd87c0764c5b218822cbd3424ae1 Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	2.9 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash e8fc1fd26a2a069b7e3fa6d8bce94a4a ce1f9ad6c12b97216975248dd8ac906c2988c9bb 566ee380a5bb30de51285c817ac958a88e6cbc40c4e8f3113a3a3f07bde2e01a Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	2.8 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash 25f4455dee7dc9381d508378f7095c3f 4e766d7296830ee2c417a89f62d0171ee8250362 e704ef6308fd740ad1823ebc9f2696f9d9c4f0f2494eaf562c6bd6485a251d1c Loading...

	littlecdn.com/apps/templates/applab/btstrp-app/src/assets/jquery.min.js	ScriptElement	88 kB	2023-10-23	2024-08-21
Pretty URL littlecdn.com/apps/templates/applab/btstrp-app/src/assets/jquery.min.js IP 104.22.25.116 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-23 22:20 Last Seen2024-08-21 03:41 Times Seen79 Hash 51380249d7ea3b2c3dd5cd51db7e6586 a39febde3a61a9769505b3f4d54958470e7de30d 922c42b88314b04fba4f23bb741e45c885adb1c737c4e15e4286f15d7eb03e1e Loading...

	grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4	ScriptElement	2.1 kB	2024-08-20	2024-08-20
Pretty URL grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:07 Last Seen2024-08-20 16:07 Times Seen1 Hash e36e2b0855baadcecad8b5c106d51c36 dc97d6262afda997bddaea051641b2151187de21 e3cb3ec66fd96a15d80eef2c003ceeb72c6e1905b3fa50506aebfbdae64ef703 Loading...

HTTP Transactions (14)

URL IP Response Size

grartoamp.com/zone?&pub=0&zone_id=6304462&is_mobile=false&domain=grartoamp.com&var=6635775&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var_3=19644116_431655&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

139.45.197.162

200 OK

0 B

URL POST HTTP/2
grartoamp.com/zone?&pub=0&zone_id=6304462&is_mobile=false&domain=grartoamp.com&var=6635775&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var_3=19644116_431655&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
IP
139.45.197.162:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=6304462&is_mobile=false&domain=grartoamp.com&var=6635775&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var_3=19644116_431655&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grartoamp.com
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-length: 0
x-trace-id: 186fbc62001a0cca68c106109024a43a
access-control-allow-origin: https://grartoamp.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=7fc266f46a45e861376c91173afc2d16

139.45.195.8

65 B

URL
my.rtmark.net/gid.js?userId=7fc266f46a45e861376c91173afc2d16
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data - , ASCII text
Size
65 B (65 bytes)
Hash
6fc4a9c998dc156c3a7c69707465d142
17eef63cba6042644b43eab9241591cfa74cc259
25822380c7f1b7d440a62410a2f8abb49ec2357ece3632028be926bfdb5d79a9

HTTP Headers

GET /gid.js?userId=7fc266f46a45e861376c91173afc2d16 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grartoamp.com/
Origin: https://grartoamp.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://grartoamp.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7fc266f46a45e861376c91173afc2d16; expires=Tue, 10 Dec 2024 12:27:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintE8:81:4E:79:89:89:BE:CE:75:1F:E0:2A:60:54:8A:A4:11:2E:F7:42
ValiditySat, 07 Oct 2023 15:22:00 GMT - Fri, 05 Jan 2024 15:21:59 GMT

File type
JSON data - , ASCII text
Size
65 B (65 bytes)
Hash
6fc4a9c998dc156c3a7c69707465d142
17eef63cba6042644b43eab9241591cfa74cc259
25822380c7f1b7d440a62410a2f8abb49ec2357ece3632028be926bfdb5d79a9

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grartoamp.com/
Origin: https://grartoamp.com
DNT: 1
Connection: keep-alive
Cookie: ID=7fc266f46a45e861376c91173afc2d16
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://grartoamp.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=7fc266f46a45e861376c91173afc2d16; expires=Tue, 10 Dec 2024 12:27:52 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81

37.48.68.71

200 OK

2 B

URL POST HTTP/1.1
datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81
IP
37.48.68.71:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerSectigo Limited
Subjectdatatechone.com
Fingerprint8E:B7:22:E4:97:95:3C:60:FC:7C:41:39:A6:B7:B7:E2:48:B2:D0:18
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1557
Origin: https://grartoamp.com
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 11 Dec 2023 12:27:52 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://grartoamp.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

grartoamp.com/favicon.ico

139.45.197.162

0 B

URL
grartoamp.com/favicon.ico
IP
139.45.197.162:0
ASN
#9002 RETN Limited

Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 11 Dec 2023 12:27:53 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/applab/btstrp-app/src/assets/jquery.min.js

104.22.25.116

200 OK

88 kB

URL GET HTTP/2
littlecdn.com/apps/templates/applab/btstrp-app/src/assets/jquery.min.js
IP
104.22.25.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65450)
Size
88 kB (88146 bytes)
Hash
51380249d7ea3b2c3dd5cd51db7e6586
a39febde3a61a9769505b3f4d54958470e7de30d
922c42b88314b04fba4f23bb741e45c885adb1c737c4e15e4286f15d7eb03e1e

HTTP Headers

GET /apps/templates/applab/btstrp-app/src/assets/jquery.min.js HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/javascript
last-modified: Mon, 11 Dec 2023 10:55:22 GMT
vary: Accept-Encoding
etag: W/"6576ea9a-15852"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: MISS
server: cloudflare
cf-ray: 833db9642f9b56aa-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

172.67.138.133

200 OK

19 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
172.67.138.133:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (18335)
Size
19 kB (18985 bytes)
Hash
8ec0c661780569e42736cfc20e4c69d7
0d857c9b9813975179cf323a344c934bcae598c6
38831e62c2e99f2f64b0352f13ef7daaa7c97e31dac314bb52caa89a6a7f58f5

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/javascript
last-modified: Thu, 07 Sep 2023 08:19:46 GMT
etag: W/"64f987a2-4a29"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3587
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVh4XkBm%2B3giQ2SSBTm%2BiIBEashSRheF6BOVoObVCHgRf6tzA0c6k40lCdeq8QY%2FI8zMt7hw9uIoi9uVwuz0eMdPjlv4IdNGlQdO4n%2Ff5wG3tm%2BtLqO%2B%2BY%2FLVuCUIwhoFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833db964bae30b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grartoamp.com/track-impression-applab?z=6635775&b=19644116&ymid=6577002c1551be0001f743c4&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var_3=19644116_431655&redirect=false&redirectUrl=https%3A%2F%2Feasybonus.xyz%2FCb7whYb8%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D6635775_474_89a3984a-749c-48ba-be56-29d12d6d1b93___%26ad_campaign_id%3Dzeydoocrypto%26land_state%3Dbefore_render%26land_id%3DYdvVj4ZhfT1ELFW%26land_generation_time%3D2023-12-11_07%3A27%3A52%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D7fc266f46a45e861376c91173afc2d16%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=10.0

139.45.197.162

200 OK

855 B

URL GET HTTP/2
grartoamp.com/track-impression-applab?z=6635775&b=19644116&ymid=6577002c1551be0001f743c4&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var_3=19644116_431655&redirect=false&redirectUrl=https%3A%2F%2Feasybonus.xyz%2FCb7whYb8%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D6635775_474_89a3984a-749c-48ba-be56-29d12d6d1b93___%26ad_campaign_id%3Dzeydoocrypto%26land_state%3Dbefore_render%26land_id%3DYdvVj4ZhfT1ELFW%26land_generation_time%3D2023-12-11_07%3A27%3A52%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D7fc266f46a45e861376c91173afc2d16%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=10.0
IP
139.45.197.162:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (913), with no line terminators
Size
855 B (855 bytes)
Hash
c562b8590197d4b5e4c4f385b87254c5
069368f81b3483cd16a409fcc02a8dd29348ff65
4dbaeb9de54ae51a4b2ad46f861bce81a439d2e9685f1e57b3718c01ac103991

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track-impression-applab?z=6635775&b=19644116&ymid=6577002c1551be0001f743c4&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var_3=19644116_431655&redirect=false&redirectUrl=https%3A%2F%2Feasybonus.xyz%2FCb7whYb8%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D6635775_474_89a3984a-749c-48ba-be56-29d12d6d1b93___%26ad_campaign_id%3Dzeydoocrypto%26land_state%3Dbefore_render%26land_id%3DYdvVj4ZhfT1ELFW%26land_generation_time%3D2023-12-11_07%3A27%3A52%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D7fc266f46a45e861376c91173afc2d16%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=10.0 HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
DNT: 1
Connection: keep-alive
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: e18f7db4006829b25cfbec0da18fbfcc
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

grartoamp.com/rotate?zz=6355835&var=6635775&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&uid=7fc266f46a45e861376c91173afc2d16&var_4=6577002c1551be0001f743c4&os_version=10.0

139.45.197.162

200 OK

993 B

URL GET HTTP/2
grartoamp.com/rotate?zz=6355835&var=6635775&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&uid=7fc266f46a45e861376c91173afc2d16&var_4=6577002c1551be0001f743c4&os_version=10.0
IP
139.45.197.162:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1003), with no line terminators
Size
993 B (993 bytes)
Hash
549bebe7759166158aab454788011ff2
9c504428f07f339a9e51fafa9eefb75f175740ad
475f6262dc544556e4b32e1c6c0f61177cc390546ddf548fac4203898c7c5fb6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=6355835&var=6635775&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&uid=7fc266f46a45e861376c91173afc2d16&var_4=6577002c1551be0001f743c4&os_version=10.0 HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
DNT: 1
Connection: keep-alive
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/javascript
x-trace-id: 919addc7dc70b4a31649d28eb51d421d
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Accept-Encoding, Origin
access-control-allow-origin: https://grartoamp.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=7fc266f46a45e861376c91173afc2d16; expires=Tue, 10 Dec 2024 12:27:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/applab/btstrp-app/src/assets/bootstrap.min.js

104.22.25.116

200 OK

60 kB

URL GET HTTP/2
littlecdn.com/apps/templates/applab/btstrp-app/src/assets/bootstrap.min.js
IP
104.22.25.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (59729)
Size
60 kB (60016 bytes)
Hash
5276f4969182991f6d6ad117edbebda0
626e383729ba2289931daea38fae56d7f2a78be8
e3b9d28d4f701764b8a2ca030b96f5ab1b1967d3ce10aa044db1066128106f1d

HTTP Headers

GET /apps/templates/applab/btstrp-app/src/assets/bootstrap.min.js HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/javascript
last-modified: Mon, 11 Dec 2023 10:55:22 GMT
vary: Accept-Encoding
etag: W/"6576ea9a-ea70"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 833db9643fa156aa-OSL
content-encoding: br
X-Firefox-Spdy: h2

grartoamp.com/pfe/current/micro.tag.min.js?uhd=1&z=6304462&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var=6635775&sw=/sw-check-permissions/6304462&var_3=19644116_431655&os_version=10.0

139.45.197.162

200 OK

27 kB

URL GET HTTP/2
grartoamp.com/pfe/current/micro.tag.min.js?uhd=1&z=6304462&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var=6635775&sw=/sw-check-permissions/6304462&var_3=19644116_431655&os_version=10.0
IP
139.45.197.162:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type
ASCII text, with very long lines (27007), with no line terminators
Size
27 kB (27007 bytes)
Hash
5ccd2d5882a06f293d07510ac91c92e6
b44dc0eaa03981adb70d3313e728f9359c1d21c1
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?uhd=1&z=6304462&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&var=6635775&sw=/sw-check-permissions/6304462&var_3=19644116_431655&os_version=10.0 HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 20:42:33 GMT
vary: Accept-Encoding
etag: W/"655fb939-697f"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: br
X-Firefox-Spdy: h2

grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4&mprtr=1&os_version=10.0

139.45.197.162

200 OK

2 B

URL POST HTTP/2
grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4&mprtr=1&os_version=10.0
IP
139.45.197.162:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type
JSON data - , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4&mprtr=1&os_version=10.0 HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grartoamp.com
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: br
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/applab/btstrp-app/build/main.css?v19387875778107

104.22.25.116

200 OK

8.1 kB

URL GET HTTP/2
littlecdn.com/apps/templates/applab/btstrp-app/build/main.css?v19387875778107
IP
104.22.25.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF9:14:9E:F3:4F:17:83:0E:22:54:EF:3E:FD:37:20:6C:1D:08:CE:1F
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8125), with no line terminators
Size
8.1 kB (8096 bytes)
Hash
0d4e619d57de0afbfde8f2f3c8f1887b
5de96a87ef7fa9394fc4c5fc231b3f00c5d45a80
27d63646ed04d91ed3d98c007930432c037914a6efbdcb7c16612a01d48fc52a

HTTP Headers

GET /apps/templates/applab/btstrp-app/build/main.css?v19387875778107 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: text/css
last-modified: Mon, 11 Dec 2023 10:55:22 GMT
vary: Accept-Encoding
etag: W/"6576ea9a-1fa0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: MISS
server: cloudflare
cf-ray: 833db9643fa356aa-OSL
content-encoding: br
X-Firefox-Spdy: h2

grartoamp.com/sw-check-permissions/6304462?var=6635775&var_3=19644116_431655&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&uhd=1

139.45.197.162

200 OK

932 B

URL GET HTTP/2
grartoamp.com/sw-check-permissions/6304462?var=6635775&var_3=19644116_431655&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&uhd=1
IP
139.45.197.162:443
ASN
#9002 RETN Limited

Requested by
https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Certificate
IssuerLet's Encrypt
Subjectgrartoamp.com
FingerprintE8:E9:8F:45:34:5D:AE:24:42:A9:EE:61:55:E9:B2:3C:63:69:C6:61
ValidityThu, 30 Nov 2023 14:21:24 GMT - Wed, 28 Feb 2024 14:21:23 GMT

File type
ASCII text, with very long lines (993), with no line terminators
Size
932 B (932 bytes)
Hash
ebec37aea28827d7c136733135929fca
dc8db72bdd6c671379c542874bc38f661fbcbd0b
39141ba2c5041a2d5056aebb31ff8b1838e6674ec6f300f3be37cdeea0604f3b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-check-permissions/6304462?var=6635775&var_3=19644116_431655&ymid=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&uhd=1 HTTP/1.1
Host: grartoamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://grartoamp.com/?l=YdvVj4ZhfT1ELFW&b=19644116&z=6635775&s=6577002c1551be0001f743c4&campid=431655&var=474_89a3984a-749c-48ba-be56-29d12d6d1b93___&ymid=6577002c1551be0001f743c4
Cookie: reverse=hvs6RIqMDk0hdf5chSGB1T_j4GlQwFrynnHZw4zvoqw; OAID=7fc266f46a45e861376c91173afc2d16; oaidts=1702297672
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 12:27:52 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by