Report - 45ovpl55b6.xyz/

Report Overview

Visitedpublic

2025-06-14 19:45:52

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
45ovpl55b6.xyz	unknown	2024-06-12	2025-06-14	2025-06-14	2.7 kB	1.1 MB	54.240.174.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2025-06-14	medium	45ovpl55b6.xyz/static/20250517152357/js/chunk-vendors.js	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	45ovpl55b6.xyz/	ScriptElement	50 B	2025-04-07	2025-08-01
URL 45ovpl55b6.xyz/ IP / ASN 54.240.174.32 #16509 AMAZON-02 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-04-07 Last Seen 2025-08-01 Times Seen 70 Size 50 B (50 bytes) MD5 24ac2c2a88d5c17e10e9852277c8e0df SHA1 5af5f482aaafa5f62847719e6de2a86cffb4da14 SHA256 c5852502e24470479c20fdfaa9c1c43f20175d5127efe36f45bd88ffbfc59e50 Format Code Loading...

HTTP Transactions (6)

URL IP Response Size

GET 45ovpl55b6.xyz/

54.240.174.32

200 OK

1.5 kB

URL

45ovpl55b6.xyz/

IP / ASN

54.240.174.32

#16509 AMAZON-02

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (1195)

First Seen2025-05-21

Last Seen2025-08-01

Times Seen19

Size1.5 kB (1529 bytes)

MD512571f0bf7a03b7f264415d50ae5923b

SHA1a2f5b4e7a504af38777fd09b2055b834c631df17

SHA2568bd560eeeab0aaa8174d6df27801b7b90631d71769c77c74a87eb50281611917

Certificate Info

IssuerAmazon

Subjecte29cdt7lxx.xyz

Fingerprint55:2A:DA:2C:9F:E6:35:E7:16:0E:1D:11:E8:F0:EB:F0:8E:28:D1:8B

ValidityThu, 22 May 2025 00:00:00 GMT - Sat, 20 Jun 2026 23:59:59 GMT

HTTP Headers

GET / HTTP/1.1
Host: 45ovpl55b6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Fri, 13 Jun 2025 23:17:46 GMT
last-modified: Sat, 17 May 2025 07:28:27 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDdsuyYqBCiSNmeitExZENN5IsS4DZ4nZX9%2FIWY%2BrNeknvGsbiJ%2BM4R7oGDrrv4OqjVDqsEjJUEWoQ2Ug2SmxSWDpWvnMPk0Qx%2B1o1zEr5IOyMz0g3I9D2qJGvahQzvMHYi9Cksb2AVopg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f54da26ac43736-FRA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ExR6MmAs19t-Ooco3bywEl5f8vrztD-7orGpFr_huiItE4TJotb1LA==
age: 73664
X-Firefox-Spdy: h2

GET 45ovpl55b6.xyz/static/20250517152357/css/chunk-vendors.css

54.240.174.32

200 OK

198 kB

URL

45ovpl55b6.xyz/static/20250517152357/css/chunk-vendors.css

IP / ASN

54.240.174.32

#16509 AMAZON-02

Requested byhttps://45ovpl55b6.xyz/

Resource Info

File typeASCII text, with very long lines (65536), with no line terminators

First Seen2024-09-15

Last Seen2025-08-01

Times Seen106

Size198 kB (198450 bytes)

MD59c292bd860af13ab3f2076a4f19c3efa

SHA1bfefa5fc229447ede757a2e4d08480917a5ade29

SHA2567daa57e8b7ae49d4922ed9868771ce9ab2c1048beadb0bb43595be5115fee42f

Certificate Info

IssuerAmazon

Subjecte29cdt7lxx.xyz

Fingerprint55:2A:DA:2C:9F:E6:35:E7:16:0E:1D:11:E8:F0:EB:F0:8E:28:D1:8B

ValidityThu, 22 May 2025 00:00:00 GMT - Sat, 20 Jun 2026 23:59:59 GMT

HTTP Headers

GET /static/20250517152357/css/chunk-vendors.css HTTP/1.1
Host: 45ovpl55b6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45ovpl55b6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 17 May 2025 07:28:27 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GgiI5AwhiSzH7kMJLZ26TOqVSZfzoCJ41t5cMf%2BqcVpg%2B8iNT1i6q9s5lwVHSLycvcDgXt745Xh5o53u2ZKSu2mwz4KwR0tMlhTLs8kmRVjGPiIAnBoYrSGinBZGlvY5t8zNxTKB4FxI%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f150ebe85965ac-FRA
content-encoding: gzip
date: Sat, 14 Jun 2025 18:17:30 GMT
cache-control: max-age=14400
etag: W/"68283a9b-30732"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hUUIj2ZAuw2Tu-9yW0fRwRx3UAfuA0J68xuf4y7GnMRu2wz3C7K2KA==
age: 6523
X-Firefox-Spdy: h2

GET 45ovpl55b6.xyz/static/20250517152357/js/index.js

54.240.174.32

200 OK

34 kB

URL

45ovpl55b6.xyz/static/20250517152357/js/index.js

IP / ASN

54.240.174.32

#16509 AMAZON-02

Requested byhttps://45ovpl55b6.xyz/

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (33758), with no line terminators

First Seen2025-05-21

Last Seen2025-08-01

Times Seen19

Size34 kB (33790 bytes)

MD5120cf62097283d6022d92e29bd6d6a13

SHA1ce4456234c616264bee00386683d1c31d0a3fc9d

SHA256d78ab3ce9e4bbf1cb9747d347a057fd7fd574ed0643924ab166428f5da996d4e

Certificate Info

IssuerAmazon

Subjecte29cdt7lxx.xyz

Fingerprint55:2A:DA:2C:9F:E6:35:E7:16:0E:1D:11:E8:F0:EB:F0:8E:28:D1:8B

ValidityThu, 22 May 2025 00:00:00 GMT - Sat, 20 Jun 2026 23:59:59 GMT

HTTP Headers

GET /static/20250517152357/js/index.js HTTP/1.1
Host: 45ovpl55b6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45ovpl55b6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 17 May 2025 07:28:27 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uwhX6nJpsf3n8nGzsVTLtpsLYy36Czsxv%2FUkLgM1Lko2jdKTknuLXZ9Rf%2FwZBnTQMomdmExWAnJSBz%2B%2FZCV7zcQsvwFaD1%2FwA7iK8Bq4qmX9cOeWIC7gKPH8SoZSB9T1rjEgyWefnZY4cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f5a3bbaf23bb71-FRA
content-encoding: gzip
date: Sat, 14 Jun 2025 18:46:45 GMT
cache-control: max-age=14400
etag: W/"68283a9b-83fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YqQTWukkA4zunutHIzNxZU7M8fcw7f_BWxFHYcG_M8N-Qytal6AyOA==
age: 9456
X-Firefox-Spdy: h2

GET 45ovpl55b6.xyz/static/20250517152357/css/index.css

54.240.174.32

200 OK

1.0 kB

URL

45ovpl55b6.xyz/static/20250517152357/css/index.css

IP / ASN

54.240.174.32

#16509 AMAZON-02

Requested byhttps://45ovpl55b6.xyz/

Resource Info

File typeASCII text, with very long lines (1004), with no line terminators

First Seen2023-12-20

Last Seen2025-08-01

Times Seen62

Size1.0 kB (1004 bytes)

MD54848e8f8e923ad821ecf75fc736a042f

SHA1d2b2cb87f7c8fbdebb3bdd6ab0d703fe06a5638d

SHA25646024eaad803f92a09daf66a706e0de7a2baa8e52866ab6375e659871f384664

Certificate Info

IssuerAmazon

Subjecte29cdt7lxx.xyz

Fingerprint55:2A:DA:2C:9F:E6:35:E7:16:0E:1D:11:E8:F0:EB:F0:8E:28:D1:8B

ValidityThu, 22 May 2025 00:00:00 GMT - Sat, 20 Jun 2026 23:59:59 GMT

HTTP Headers

GET /static/20250517152357/css/index.css HTTP/1.1
Host: 45ovpl55b6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45ovpl55b6.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
last-modified: Sat, 17 May 2025 07:28:27 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Qsla0y2%2FAh3o3icWk4Q8Vc%2FOD1Y7QaNloZCEMiURIBut4fFtkxxQ3F%2BauwgaV%2F625R%2B6tfBv9sD9bNIDooIHOuaDkvBmMV6hKVRxbCCA7nvBrfQH2gelbDF1DPDOD0z77FRJMSRfy%2B1Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f7d727cd2de868-FRA
content-encoding: gzip
date: Sat, 14 Jun 2025 18:17:30 GMT
cache-control: max-age=14400
etag: W/"68283a9b-3ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vNOBAoTvsIQ7CmmeIw6Ht5Yq2bEqDgI0skpgWXz-e3gREGobNVJmWQ==
age: 6523
X-Firefox-Spdy: h2

GET 45ovpl55b6.xyz/static/20250517152357/js/chunk-vendors.js

54.240.174.32

200 OK

842 kB

URL

45ovpl55b6.xyz/static/20250517152357/js/chunk-vendors.js

IP / ASN

54.240.174.32

#16509 AMAZON-02

Requested byhttps://45ovpl55b6.xyz/

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65374), with no line terminators

First Seen2025-05-21

Last Seen2025-08-01

Times Seen58

Size842 kB (842227 bytes)

MD542a0bf3eeda8f015cf57d127777e3ef6

SHA13b0b2122d084dd3820ff1e06272931839d953f44

SHA2561c5c14323e62568f8a03dc2f29202a416d5558e6d8265e983f815b10e1707abe

Certificate Info

IssuerAmazon

Subjecte29cdt7lxx.xyz

Fingerprint55:2A:DA:2C:9F:E6:35:E7:16:0E:1D:11:E8:F0:EB:F0:8E:28:D1:8B

ValidityThu, 22 May 2025 00:00:00 GMT - Sat, 20 Jun 2026 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /static/20250517152357/js/chunk-vendors.js HTTP/1.1
Host: 45ovpl55b6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45ovpl55b6.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 17 May 2025 07:28:27 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYsfMdXOoQ64FM1TrAiJ%2BJoDuwLRSDDu3uJct4RI3NGnB840s4o27U2IUQ%2BHWrn9Ey%2FKBIpMnMTG%2FHw3Niv8YNp%2BIJWRua54CiqZGZ4UoBUQBlUDW7Qb6K24S3iX2n5Y7zjYIDeKlblhRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94f5a3b80cd69bf7-FRA
content-encoding: gzip
date: Sat, 14 Jun 2025 18:46:44 GMT
cache-control: max-age=14400
etag: W/"68283a9b-cd9f3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RXb98qKlA0uKfWVsRsKzwsSUiig6dg08hM58rUay97eyOTCB-VF8ig==
age: 3526
X-Firefox-Spdy: h2

GET 45ovpl55b6.xyz/favicon.ico

54.240.174.32

200 OK

784 B

URL

45ovpl55b6.xyz/favicon.ico

IP / ASN

54.240.174.32

#16509 AMAZON-02

Requested byhttps://45ovpl55b6.xyz/

Resource Info

File typePNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced

First Seen2023-10-28

Last Seen2025-08-01

Times Seen309

Size784 B (784 bytes)

MD5f01fe0b27ab5620848295331cd6e8eb0

SHA1dd9018d2711a9740e1395011e8623a04da3c0ff5

SHA256d1a6467455a3522674023766194f6629c36ca79020d9b8ee0c2ae93de5c0bee7

Certificate Info

IssuerAmazon

Subjecte29cdt7lxx.xyz

Fingerprint55:2A:DA:2C:9F:E6:35:E7:16:0E:1D:11:E8:F0:EB:F0:8E:28:D1:8B

ValidityThu, 22 May 2025 00:00:00 GMT - Sat, 20 Jun 2026 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 45ovpl55b6.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://45ovpl55b6.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/x-icon
last-modified: Sat, 17 May 2025 07:28:27 GMT
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKglMgrdL%2F50KOKzTobclb73S7a58IVkpXL8KqFABEe9ekkcFAE%2FuXe02MAAlknaEsszRoI75vm%2BrDJ4peAfCJjyyPcdhxyCwo%2FQBr283m68XKRNhict6BcAvsfZEh%2FQCav7GjWypm7eJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 94e9cf391d06a401-FRA
content-encoding: gzip
date: Sat, 14 Jun 2025 16:37:34 GMT
cache-control: max-age=14400
etag: W/"68283a9b-310"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OcfORuhE0_nBuvh8glOHFG7UpEtM5YZtnznPQMJRRk821TZjbg5BMg==
age: 14395
X-Firefox-Spdy: h2