ez-mobi.net/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp
143.204.55.20 301 Moved Permanently 162 B URL User Request GET HTTP/2 ez-mobi.net/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp
IP 143.204.55.20:443
Certificate Issuer Amazon
Subject mobicube.net
Fingerprint 2E:88:17:81:78:75:A5:CA:27:58:AB:37:A4:A9:87:0E:11:FF:10:E1
Validity Tue, 23 May 2023 00:00:00 GMT - Thu, 20 Jun 2024 23:59:59 GMT
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp HTTP/1.1
Host: ez-mobi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 162
location: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
date: Mon, 04 Dec 2023 06:26:23 GMT
server: nginx
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DIgG9CRnV6Y3B1EAJaTwv79bsz6UUQKJ67x7LMhOko0Vjw1e3EzBcA==
X-Firefox-Spdy: h2
mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
54.144.208.184 200 OK 13 kB URL User Request GET HTTP/1.1 mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
IP 54.144.208.184:80
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (963)
Hash 5743844d6b11e5f90d6f0ef86cfd1ee7
04684c1ea6ff5d6eb7e52e22b2dbdf935f3c043e
18e41f37ce31ba9dbce7ee79321dc511ee3875f8e65ac2a282dde21be480a618
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/ HTTP/1.1
Host: mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 06:26:24 GMT
Content-Type: text/html
Content-Length: 13140
Connection: keep-alive
Server: nginx
Last-Modified: Sat, 29 Oct 2022 18:04:54 GMT
ETag: "635d6b46-3354"
Accept-Ranges: bytes
mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/js-2rs.js
54.164.84.187 200 OK 2.4 kB URL GET HTTP/1.1 mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/js-2rs.js
IP 54.164.84.187:80
Requested by http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
File type ASCII text, with CRLF line terminators
Hash a7f3272b893ce800c15a5b5f6e3d3f29
0b4ea12cbaaac783400c3331c910e2b4d12a20b7
b9d7ef97530b99694ac3cb24f465f816a790d8836e0de1ec632ddc9b915d6853
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/js-2rs.js HTTP/1.1
Host: mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 06:26:24 GMT
Content-Type: application/javascript
Content-Length: 2381
Connection: keep-alive
Server: nginx
Last-Modified: Fri, 19 May 2023 02:04:54 GMT
ETag: "6466d946-94d"
Accept-Ranges: bytes
mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/jquery-3.6.0.min.js
54.144.208.184 200 OK 90 kB URL GET HTTP/1.1 mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/jquery-3.6.0.min.js
IP 54.144.208.184:80
Requested by http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/jquery-3.6.0.min.js HTTP/1.1
Host: mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 06:26:24 GMT
Content-Type: application/javascript
Content-Length: 89501
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 06 Jan 2022 15:49:08 GMT
ETag: "61d70f74-15d9d"
Accept-Ranges: bytes
mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/loading2.gif
54.164.84.187 200 OK 37 kB URL GET HTTP/1.1 mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/loading2.gif
IP 54.164.84.187:80
Requested by http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
File type GIF image data, version 89a, 70 x 70; data
Hash c26c3f849a5b578ed5494ade3dfb6837
add1f2224f425c034f040973e83edd798f0727a9
3dfebea695e74f95113339686c6167ecd8e05afb20d69e3fd74d2acc8689e39b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/loading2.gif HTTP/1.1
Host: mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 06:26:24 GMT
Content-Type: image/gif
Content-Length: 37009
Connection: keep-alive
Server: nginx
Last-Modified: Sat, 12 Mar 2016 19:28:38 GMT
ETag: "56e46de6-9091"
Accept-Ranges: bytes
deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js
139.45.197.251 200 OK 11 kB URL GET HTTP/1.1 deefauph.com/pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js
IP 139.45.197.251:80
Requested by http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
File type ASCII text, with very long lines (27007), with no line terminators
Hash 5ccd2d5882a06f293d07510ac91c92e6
b44dc0eaa03981adb70d3313e728f9359c1d21c1
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
GET /pfe/current/micro.tag.min.js?z=5101589&ymid=null&var=null&sw=/sw-check-permissions-4e1e4.js HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 06:26:25 GMT
Content-Type: application/javascript
Last-Modified: Mon, 27 Nov 2023 17:44:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6564d577-697f"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/sw-check-permissions-4e1e4.js?var=null&ymid=null
54.164.84.187 200 OK 566 B URL GET HTTP/1.1 mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/sw-check-permissions-4e1e4.js?var=null&ymid=null
IP 54.164.84.187:80
Requested by http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
Hash 4926ad62fc01ecfbe8225653b1202737
bf4b858281bc7a6d5c73a37b1b27434e94b4c1b4
cdaee50cc9d7ae2fad4d3b4fce6e3e2590ace2be29110373f550ce11f8ab98bd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sw-check-permissions-4e1e4.js?var=null&ymid=null HTTP/1.1
Host: mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 06:26:25 GMT
Content-Type: application/javascript
Content-Length: 566
Connection: keep-alive
Server: nginx
Last-Modified: Sat, 04 Mar 2023 03:34:54 GMT
ETag: "6402bc5e-236"
Accept-Ranges: bytes
deefauph.com/zone?&pub=0&zone_id=5101589&is_mobile=false&domain=mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
139.45.197.251 200 OK 0 B URL POST HTTP/2 deefauph.com/zone?&pub=0&zone_id=5101589&is_mobile=false&domain=mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest
IP 139.45.197.251:443
Requested by http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/2sp/mob/th/mtz790924game/age21-btn-p-th-mc-2sp/
Certificate Issuer Let's Encrypt
Subject deefauph.com
Fingerprint C9:BF:8F:4B:E8:EB:DC:8F:83:22:79:96:21:1A:B7:59:F3:02:A6:28
Validity Sat, 28 Oct 2023 05:38:23 GMT - Fri, 26 Jan 2024 05:38:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5101589&is_mobile=false&domain=mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com&var=null&ymid=null&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest HTTP/1.1
Host: deefauph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
DNT: 1
Connection: keep-alive
Referer: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:26:25 GMT
content-length: 0
x-trace-id: 5ab69da8cc30fd88de3547d88dd14fd3
access-control-allow-origin: http://mobicubenet-env.eba-jahsrmiz.us-east-1.elasticbeanstalk.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2