Report - trade500intal.org/

Report Overview

Visited public
2024-12-20 16:43:25
Tags
Submit Tags
URL
trade500intal.org/
Finishing URL
trade500intal.org/
IP / ASN
172.67.209.11
#13335 CLOUDFLARENET
Title
Immediate Pump ™ | The Updated & Official Site【2024】

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
trade500intal.org	unknown	2023-07-03	2023-07-24	2024-09-22	19 kB	909 kB	172.67.209.11
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-18	1.6 kB	95 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2012-10-04	2024-12-18	909 B	323 kB	142.250.74.168
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2024-12-18	1.3 kB	58 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed
2024-12-20	medium	trade500intal.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	trade500intal.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	ScriptElement	1.2 kB	2023-03-07	2025-07-25
Pretty URL trade500intal.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.209.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-25 03:52 Times Seen94570 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	trade500intal.org/main.js	ScriptElement	122 kB	2024-08-19	2025-05-12
Pretty URL trade500intal.org/main.js IP 172.67.209.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 20:50 Last Seen2025-05-12 07:20 Times Seen5 Hash 8b575a5d49e87c4e2a5edf5052f6b559 07a4daf6fd44a80b5600f63235e8482d32a2f989 96b6c2acc1a0b54ff7ecf555b1856f93dff80c880c0a589c1e6fe636944b9bd1 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-WDC8W4LW	ScriptElement	211 kB	2024-12-20	2024-12-20
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WDC8W4LW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 16:43 Last Seen2024-12-20 16:43 Times Seen1 Hash 6521afc7565303d1a2f34241073a43dd 37fdbb60ec0c0a168967a9a6916f5ee58727f644 0da34ed95d15b7b1f635e4165ec1d156a2ae8870c3409deba84c4cd783292dcb Loading...

	www.googletagmanager.com/gtag/js?id=G-C9K99C6T3W&l=dataLayer&cx=c&gtm=45He4cc1v9135991281za200	ScriptElement	331 kB	2024-12-20	2024-12-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-C9K99C6T3W&l=dataLayer&cx=c&gtm=45He4cc1v9135991281za200 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 16:43 Last Seen2024-12-20 16:43 Times Seen1 Hash 4a0558fceda2f59a7e45855c5dfe90d9 81d094f5f2b8291dbcac9ccf6b34f992787a7d51 0a33da0e70c6d974e009e227d63627ebb4119bb30a6be931837724767e57f926 Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js	ScriptElement	28 kB	2023-04-16	2025-07-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-16 08:36 Last Seen2025-07-24 15:04 Times Seen186 Hash bec2ce5bb7962581da9ed1294b5fa90f 106adc98ab4e63e6e7ba88cd08e70847b36f96c7 3d8976c77d9e1e49779d82a83efd68b4df1846dc3acefb64f8e6a4f274e5d42a Loading...

	cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js	ScriptElement	239 kB	2023-03-07	2025-07-24
Pretty URL cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:45 Last Seen2025-07-24 15:04 Times Seen277 Hash 6cbc725386e043d896c9379c1c21a311 24f601db0688c59c0d8c43b5ff88081b144b638e 8171bc06dd2686fa266edbf806141c2aab2cacd093a0691ae61fa84f839b73d4 Loading...

	trade500intal.org/	ScriptElement	368 B	2024-12-20	2024-12-20
Pretty URL trade500intal.org/ IP 172.67.209.11 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-20 16:43 Last Seen2024-12-20 16:43 Times Seen1 Hash 01686fe098071edd7a353031bfd3b83c e96b4b11b35b0c75eac44234720ec633295e4abe 164b12ef25a286637b91f2064fbfddd944550b669215ad33affcb7f7474b1d2e Loading...

HTTP Transactions (51)

URL IP Response Size

GET trade500intal.org/assets/logo.webp

172.67.209.11

200 OK

2.2 kB

URL GET HTTP/3
trade500intal.org/assets/logo.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.2 kB (2200 bytes)
Hash
08cf3c3863bb21ef2b72479352bcae2a
a84d5d0086f8a82a6d76d0bbc94ef8498c109725
64a79b40a4af244517c849c7fe8addd2e3c8c1e9574559ecd13aac9d03967b7f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/logo.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 2200
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-898"
expires: Fri, 19 Dec 2025 16:51:56 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172262
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jfwv56NI%2FJ1dD5aVlykmM8VQI4ypCs%2BVFMa2ZP6moEiQ0PnPwHdA5gbKFgtw0ZvGCE8PIIZny8BD7BtiACo0UFOhs1QfRXkqwqWJnixECmoGvKHVFa4P%2BqrMAdI18alNuE80ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b55eef7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7090&min_rtt=5278&rtt_var=3273&sent=21&recv=19&lost=0&retrans=0&sent_bytes=4341&recv_bytes=4271&delivery_rate=112524&cwnd=12000&unsent_bytes=0&cid=96dea1a9cc111f51&ts=341&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/da.png

172.67.209.11

200 OK

251 B

URL GET HTTP/3
trade500intal.org/assets/icons/da.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
251 B (251 bytes)
Hash
59f0d08e30804839e320439b2f4d23fc
e2e1dfb2ba387c6119317d7a78dfdadce4bc16f0
2a16f797e58ecf36c8369c1ed5259da0f5a42b78de06723c788030be7acd89b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/da.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 251
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-fb"
expires: Fri, 19 Dec 2025 16:52:06 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172252
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FLCv7queSY%2F%2FHiMYHQY4fRefKnVUGYxVJ2xSm3DQPFirNs%2BTOL1ge77qN1%2F93gAaSzATrExH4TBcjAtDUnyS6Lt%2FAAm%2FWO0CzAW2a2w01IIxUIe4IXk8ggaegU9WPRp9ACD9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56efe7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6934&min_rtt=5278&rtt_var=2768&sent=29&recv=27&lost=0&retrans=0&sent_bytes=7523&recv_bytes=6513&delivery_rate=9341&cwnd=12000&unsent_bytes=0&cid=96dea1a9cc111f51&ts=349&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/en.png

172.67.209.11

200 OK

3.7 kB

URL GET HTTP/3
trade500intal.org/assets/icons/en.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3693 bytes)
Hash
a16411b04b03b3c325049ff7b3b0072f
4aca6465e46584209ed9349dd971b22fe62fdcff
e2fbc2ab0f9373519f74d3a02af0a485579766143d57c6691787ea585295e60a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/en.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 3693
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-e6d"
expires: Fri, 19 Dec 2025 16:51:56 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172262
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKXKx0BCrdYivQV%2FzQdYUokFgcoJyhSqho5nnkq810MBpsI1p3YYdY7tBxI%2BlZxhNTR34nRI6EfwzvTQKhfkBQcewfN6ZuuLCSdzoWBUk4Hd9xkFMwYfcdp%2FR%2BLH7PrJhIVggQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b55ef27131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6934&min_rtt=5278&rtt_var=2768&sent=31&recv=28&lost=0&retrans=0&sent_bytes=8554&recv_bytes=6793&delivery_rate=9341&cwnd=12000&unsent_bytes=0&cid=96dea1a9cc111f51&ts=350&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/in.png

172.67.209.11

200 OK

2.0 kB

URL GET HTTP/3
trade500intal.org/assets/icons/in.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (2003 bytes)
Hash
ba6f4e076b48155d51f6afbf51a86a96
16dfc0a66551592f57f9fc87a1fdb5b6eefa26ee
dc8e41f700bc22d983d8e6924372cf9bcff3da75766ff7962d11d955fbd3b0ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/in.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2003
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-7d3"
expires: Fri, 19 Dec 2025 16:52:08 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172250
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIATuhOMAVSWrWwv6d5bmIDFsm46X9R%2BMXBWaZNRipd%2FAbpgBkgqQuDRh4sSxNswnUQI9x%2F3rcrb8Y3E3tLr8ZrSbQz9EvC10ZWCixwlHslitlRlgDVzSLnaFi7iZXxNiX2vCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f1c7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6934&min_rtt=5278&rtt_var=2768&sent=35&recv=28&lost=0&retrans=0&sent_bytes=13081&recv_bytes=6793&delivery_rate=9341&cwnd=12000&unsent_bytes=0&cid=96dea1a9cc111f51&ts=351&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/fi.png

172.67.209.11

200 OK

419 B

URL GET HTTP/3
trade500intal.org/assets/icons/fi.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
419 B (419 bytes)
Hash
48ff34927f2f6eeccc987c9347fc5df6
619a9e68fe8317f44c99e742df7eb334dc56dfa2
4b5938e17ee6642b79e507a7783576c35d0756ce672a48ffba492d3ba448449d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/fi.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 419
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-1a3"
expires: Fri, 19 Dec 2025 16:52:07 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172251
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsLjyx%2FDkhf6%2BhvBk0%2BV%2B6nbKs8yMhhi1H4aW69bhQlszEeDA5pjsNSnkKVeaF20XpdroA1fTq%2B9G7PulDqBevUZfpQbjL7MqYUshKLe%2B1eEjI5YWnExqv%2BkmGcNLO25SILdhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f077131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6934&min_rtt=5278&rtt_var=2768&sent=38&recv=28&lost=0&retrans=0&sent_bytes=15889&recv_bytes=6793&delivery_rate=9341&cwnd=12000&unsent_bytes=0&cid=96dea1a9cc111f51&ts=353&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/jp.png

172.67.209.11

200 OK

2.3 kB

URL GET HTTP/3
trade500intal.org/assets/icons/jp.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2300 bytes)
Hash
637fab2b8368e5155ef33ae81628ef2c
1503ac1eca67b8fb50da950b9223676adde81943
2ba674e9ba937c063f83f3e473027918ec3a9c156a56599945b4511d082463b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/jp.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2300
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-8fc"
expires: Fri, 19 Dec 2025 16:52:08 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172250
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xv7oreyOHeI94etzn2X0iBGJeiPc%2BKIqXHQRdxPEBdNzenkx0JFf3viuDXzfgFR5FzFSPXqLojFGd%2BEttwq46B6sufVt9tde6bBCBXqxQPbva5cfSGYiP4eGbJkia7NtELI3eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f247131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6934&min_rtt=5278&rtt_var=2768&sent=39&recv=28&lost=0&retrans=0&sent_bytes=17063&recv_bytes=6793&delivery_rate=9341&cwnd=12000&unsent_bytes=0&cid=96dea1a9cc111f51&ts=353&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/

172.67.209.11

200 OK

13 kB

URL User Request GET HTTP/2
trade500intal.org/
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8221)
Size
13 kB (13411 bytes)
Hash
94f072b446fc31abb5503bff9dafc061
6d8bb2db0a913dbfb6ab55c054522bfe882fc43d
2d09e912ec4ea2c6fea1712a004bf9600a2b7fb14188c93f74d1957c8711ca88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nyNoHCar%2BfWmFcX9VhgwFN5DpEGwqlDKN8X6AnCIrMkwOT9eWfg0ARC3UaILnbTC8s4MhyE7CyfqpTBHioKjVSvMZA1vDG%2BbGHzqosRtOb5oE5YisrVoN7ssZC%2BBClHweqE5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5116b269be0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5900&min_rtt=432&rtt_var=10920&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3289&recv_bytes=1248&delivery_rate=7362711&cwnd=252&unsent_bytes=0&cid=d28f8607902d1575&ts=148&x=0"
X-Firefox-Spdy: h2

GET trade500intal.org/assets/icons/gr.png

172.67.209.11

200 OK

2.7 kB

URL GET HTTP/3
trade500intal.org/assets/icons/gr.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.7 kB (2745 bytes)
Hash
50149f3d3a8af9aff955dda43485a36e
df47be32471bea0d7f0f4a32bcb6960a9e71b415
3adda58caec30c844fcc6deb151f9a5d57b9c6c38ef0930b0bca899a4f10b68d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/gr.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2745
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-ab9"
expires: Fri, 19 Dec 2025 16:52:07 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172251
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MnkUy94YRvjKt%2FYY5ICyuLJrSPqsESyvG2Qg%2Ft9mmjFYNhKXWf3hqyCRNYodjpxvTLAIDAy9VoSddkQMUlFs8M2hcCsy%2BBXXdaFZ9y1bISktdWWbq7u9XRKzcEijsGvNasrdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f157131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=45&recv=36&lost=0&retrans=0&sent_bytes=20249&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/it.png

172.67.209.11

200 OK

112 B

URL GET HTTP/3
trade500intal.org/assets/icons/it.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
112 B (112 bytes)
Hash
0920e0f318cbc4d7c9c9fe78148eff07
244e7c6a0809182624b230209535fd56a4d10391
ff5cc900a03ba70d608c503e4a6c03f6cb86f8c1f975b249495d512608fd8d2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/it.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 112
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-70"
expires: Fri, 19 Dec 2025 16:52:08 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172250
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2B7%2BmO%2FHrvf7i6XceyG%2BzeNP6JHj8xA2DNQL3EdsxayEBf11E4%2FsHFYvBAQ%2FHHyuhDIjklWcPGBxZapsTkpyuVwi6NsHTC6Znpt4gFYumfkhdc%2BvfdYRIn23c84%2FTtTTdyLA8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f1f7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=48&recv=36&lost=0&retrans=0&sent_bytes=23694&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=363&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/pl.png

172.67.209.11

200 OK

166 B

URL GET HTTP/3
trade500intal.org/assets/icons/pl.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
166 B (166 bytes)
Hash
289e75b9d83687783b74a5cc73bbc540
b4fdeb0c9f27b7ffac663d299de65d001a81fc43
b33c524786004dec4a21b87f190f2269e4867afe743e76e92257fbd80c8b6653

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/pl.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 166
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-a6"
expires: Fri, 19 Dec 2025 16:52:09 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172249
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aVgCeVjPC3QB7U4tjxl%2FZOJjoBc9%2FdeWJYIcq0GazeASlpFV2%2BKjDDUKEA7Z%2F3UcyDltExb%2BPQwTOZbi4ULvP9JZ9%2Fp4F8XrKNbGWR%2BRYpDACiaNQhjIA32ldsovTWWZf0UOqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f2f7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=45&recv=36&lost=0&retrans=0&sent_bytes=20249&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/sv.png

172.67.209.11

200 OK

299 B

URL GET HTTP/3
trade500intal.org/assets/icons/sv.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
299 B (299 bytes)
Hash
5038aab7b509086316efa0ba41ac29f3
41eeb7f50c7b2f36e8547b2f71d33c1a9a867d94
5ee163817f52cfdca1013b84473936b4666dc3e42e2931f21fb093d3a024cd7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/sv.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 299
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-12b"
expires: Fri, 19 Dec 2025 16:52:09 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172249
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41dofLlhZlNJwjXWi7zHVojedYu0T54Hj9qXFzLA8qAHHXwkseUbR0UcWZmJFmZlvr9O%2ByZqVAg0fZht6tRp%2BCftTRzZMxq7j7QPfJh%2Fjmp3HgkMmet5cFQjXzQ7%2BksMgcSEVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f367131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=45&recv=36&lost=0&retrans=0&sent_bytes=20249&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/tr.png

172.67.209.11

200 OK

2.9 kB

URL GET HTTP/3
trade500intal.org/assets/icons/tr.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.9 kB (2901 bytes)
Hash
31e5709a7795b1264067087c5283b86c
3523e074484df68d8d4d6830d3d0d9c68438b10f
6a1872aaeedce73aabb063ebf9746245fc6a89ad7374c9ed29a9308476e6dbf7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/tr.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2901
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-b55"
expires: Fri, 19 Dec 2025 16:52:09 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172249
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0A8Pvi%2BQp8svdvvBMXijT1rnwDq6WbP1oYXexXx1s69%2FYK7Zb6u5R%2BpuY8j%2FOlu3Fb4rYo9LK7kwdzcg9kPyFPRrJms%2Fq%2BoLEqoCNU9LqyTzU%2BA2YXLlpRIdLHCc%2BTcrD4K4WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f3e7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=55&recv=36&lost=0&retrans=0&sent_bytes=31237&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=366&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/img-2.webp

172.67.209.11

200 OK

14 kB

URL GET HTTP/3
trade500intal.org/assets/img-2.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 230x179, Scaling: [none]x[none], YUV color, decoders should clamp
Size
14 kB (14224 bytes)
Hash
029a83cef63e9601e6b92b23365bc68b
a34722f0463656b73e07c0f0fd1ac0ea01392883
8e1c757702ab86931551b631340fd6b52ba7d13a61d1472819700ad93a95cca2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img-2.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 14224
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-3790"
expires: Fri, 19 Dec 2025 16:52:10 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172248
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWFvQQxvfzoNujmnbr7HLiMdKpeFIje1UtF0wmuvVvNPTNbQor%2FeODaz9rCsbIvqS65hszLyHQWY75Jv0%2BqAisPSu1IwacgfsbHrTJ8bzAeDDV8GEfD7fB4QUmFJ3NKTJ%2Fc0sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f4c7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=64&recv=36&lost=0&retrans=0&sent_bytes=39449&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=373&x=1", cfExtPri, cfHdrFlush;dur=21

GET trade500intal.org/assets/img-1.webp

172.67.209.11

200 OK

29 kB

URL GET HTTP/3
trade500intal.org/assets/img-1.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
29 kB (29076 bytes)
Hash
6b539631d721a5a3071ed97c13802e2d
63892672de3fce277027330ace0430dea0f7a351
738ef5e6afa21c4cfe7c1f81a2f369d9334937f771ebda5758846247c01f2915

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img-1.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 29076
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-7194"
expires: Fri, 19 Dec 2025 16:52:09 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172249
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ODoFSzyQFc6DrQrAxunjLgRzxGIsYn4u3F2gtG7gRIIMwTmgJqBOzzXezYgikvOOD3c0m1YJ0bo6OfKWBDeeq5CC9joJdLZpTLpLN7CgQ%2F6bR3Bn0iMzqVBirMDSpW6z34Lu2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f4a7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=61&recv=36&lost=0&retrans=0&sent_bytes=36293&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=369&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/main-bg.webp

172.67.209.11

200 OK

130 kB

URL GET HTTP/3
trade500intal.org/assets/main-bg.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x901, Scaling: [none]x[none], YUV color, decoders should clamp
Size
130 kB (130008 bytes)
Hash
76084f8041b9163534c1065f6c7c8851
4faa4199bac7e7ee90e6208e886d2112c8a62cb2
78f16c8ab8dc7b7deffaa7db016227853e804592dae0ac1abdab2c161faf328f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/main-bg.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 130008
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-1fbd8"
expires: Fri, 19 Dec 2025 16:52:05 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172253
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmIi0QD59oCIJkwosFlIWWfn4r8xhhpnV9DZXb8UDftsmZ49b5XdhLSAVy5JGA2Ui2l9dO34JUQbhwBHAFl%2B7h0m4S5kEf2U8ggylwAzl9btwnxpL3LTImhNKu5N1sAvq%2Br0tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f517131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=64&recv=36&lost=0&retrans=0&sent_bytes=39449&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=372&x=1", cfExtPri, cfHdrFlush;dur=25

GET trade500intal.org/assets/half-1.webp

172.67.209.11

200 OK

29 kB

URL GET HTTP/3
trade500intal.org/assets/half-1.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
29 kB (29320 bytes)
Hash
053ee6e2bc660aae3a4cd9e086b18fb9
d152900665f5bf6c3a1911e3bd968f16e6482312
908672c4242f6e7414705593352b3b6a710ddc4f2aecbf356d39802dad34278f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/half-1.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 29320
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-7288"
expires: Fri, 19 Dec 2025 16:52:11 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NM7rbyEL%2BvfC0DAVSdi3c4IfE3VELNJc5nDF9F7VQYK82CgxHi3XU%2BO%2BV2yZ%2Bhmrh2Ic0OUe7xF94SO2mcuLbkZk9x4HXy%2B0Y8nI%2BvdYgLU%2FQT03Gv1BIhkk%2B8fHq35jOZjAWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f537131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=64&recv=36&lost=0&retrans=0&sent_bytes=39449&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=371&x=1", cfExtPri, cfHdrFlush;dur=29

GET trade500intal.org/assets/icons/br.png

172.67.209.11

200 OK

3.3 kB

URL GET HTTP/3
trade500intal.org/assets/icons/br.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3322 bytes)
Hash
9bc6ab3e72eb46ed28ee648f2e51113f
4ffbdcb1ce2f5f998ee80ab7bfd09ea88876806e
e57b6f2204a43e8de7285b3ea751b9a465a25bb605b2ab34e7e6e7813ec15d2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/br.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 3322
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-cfa"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=89amt99xoVRP%2BwBC7vMQH1HaEb72lt1rR5NuUn%2FF6xZ92ruju56jXL5qgFOlIiZ3s6ICCc2XxAQWordgPf2DEPAplhXrkvmNjU2u7cHK%2FmmNoBN%2BD2jW6YvGZguxFy1EncpefA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b55ef57131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5263&min_rtt=2252&rtt_var=2948&sent=280&recv=40&lost=0&retrans=0&sent_bytes=291019&recv_bytes=10148&delivery_rate=19811009&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=436&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/cz.png

172.67.209.11

200 OK

465 B

URL GET HTTP/3
trade500intal.org/assets/icons/cz.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
465 B (465 bytes)
Hash
fe60526efe2757605be677193a77ab2b
649a95a8477ee3325ec8ec9c983f824eb6d35b35
2ba6d732f2303adccf0ef6c1bd4a663b470e364f9cc8de279946b7b817033a2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/cz.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 465
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-1d1"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
cf-cache-status: MISS
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWkrrC4Dt8YuHokWSmr1NS9fCmG2bn4BrDtvf5ebV842rUkB0DHfcnWYYMbIJl0%2BhdURHWyoQzr4%2F6Yo9dr91gJ%2BC7xBy3WAY1%2Fjua56IXeAl2ZkI7HK%2F360m1Wh3byHqMEN9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56ef97131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5263&min_rtt=2252&rtt_var=2948&sent=284&recv=40&lost=0&retrans=0&sent_bytes=295172&recv_bytes=10148&delivery_rate=19811009&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=439&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/fr.png

172.67.209.11

200 OK

2.0 kB

URL GET HTTP/3
trade500intal.org/assets/icons/fr.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (1995 bytes)
Hash
c5dc8d7c0b39a7ecc086abe057db616f
9fe244dd049d2aab8c1afbc34511cf683b81b265
bfbdf618fb5d0425ec374c00f5da8a9a426f6425abcafd901cc0f921e66ac341

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/fr.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 1995
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-7cb"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwgidiHHpe9ZfHe89FtcT3MAQEkjHSVG8PIFBVYPoAAI3BmFVrHPuQmf7hk%2B7t42NF7nS7gtOAOvYIIRMtiy%2BQYTo9XnFoFrDNpNvSQ07QXySLkwbk%2BUuNMV4e2NkPD5%2FmQX4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f0c7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5263&min_rtt=2252&rtt_var=2948&sent=286&recv=40&lost=0&retrans=0&sent_bytes=296415&recv_bytes=10148&delivery_rate=19811009&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=441&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/es.png

172.67.209.11

200 OK

266 B

URL GET HTTP/3
trade500intal.org/assets/icons/es.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
266 B (266 bytes)
Hash
49937d907fc263c01fedcf3e435a3868
d4c3c4bc48826a687ecb37ef0075295c6164f9e3
2bb28edd74862b4f070d3d19d35a898ac0e0595586231605688abc9ccd5ca884

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/es.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 266
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-10a"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9KzccX7MTrqm2k9CwhQQSVdMdvc88gBM7huBm1RH3hz5FBtHh%2FXg6qN%2BA%2Bpf%2BTK3yi0uyIPxT4a6YM%2BJb4dOoBhK2Wvddp7hc%2Fy19Z9R6czXqTJwHDkE20dDH%2FZwjwJWLWfFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f027131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5263&min_rtt=2252&rtt_var=2948&sent=289&recv=40&lost=0&retrans=0&sent_bytes=299217&recv_bytes=10148&delivery_rate=19811009&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=442&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/de.png

172.67.209.11

200 OK

109 B

URL GET HTTP/3
trade500intal.org/assets/icons/de.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
109 B (109 bytes)
Hash
42a362a1f8ada846e81796767b3d9d12
05e8d6e8735da5060612a24375dc849468f13412
c049c000f26fc97af73451b93e7e158fedd7620b6b51b1acdbb0969d3330bf5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/de.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 109
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-6d"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xx%2FzR2Mj1UuTRdg62fG1qtuzJ%2ByeetHAQrC6ARCIcEVEutIuPHkACCUfH8u5%2BoUCR8FziGnMQ5rHFAB8ITAcqRXyFy361eVgRi%2FEHMaDLaSIV3xP7%2BEeKdmNEduuTMZbMOPHHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56eff7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5263&min_rtt=2252&rtt_var=2948&sent=290&recv=40&lost=0&retrans=0&sent_bytes=300239&recv_bytes=10148&delivery_rate=19811009&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=442&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/hu.png

172.67.209.11

200 OK

2.2 kB

URL GET HTTP/3
trade500intal.org/assets/icons/hu.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2177 bytes)
Hash
02f557c5721001c20a701354f8e85674
fbcd011a0632bdd2146740597759d36710c3613c
cb05342018c60e07e7d88ae581792027f0323c60eb8ad5bae1c535c728d00fe9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/hu.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2177
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-881"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFneJYAAxfxu0IbtbJOXd2s7wqfzvIc3i1MtPniM9ZPPD7%2BI4bU4V2aST4S5moj2cvvHzEJWnccHZ1YbXllZBqtK%2FyGQ4sst4bLV3E5ZbuBimNWqkVUZ8TDx78EiujEIvlLIFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b56f187131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5263&min_rtt=2252&rtt_var=2948&sent=291&recv=40&lost=0&retrans=0&sent_bytes=301100&recv_bytes=10148&delivery_rate=19811009&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=444&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/nl.png

172.67.209.11

200 OK

208 B

URL GET HTTP/3
trade500intal.org/assets/icons/nl.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
208 B (208 bytes)
Hash
fb67c89b248ab93cda8b457cd2249405
85f4be606611077c24626d86284daac1438be55a
5fd087a4533085a18cb2eeb185a7d5bb742dc7c239075f3a3777d692236cc9d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/nl.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 208
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-d0"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mG6%2BJZzxRVqP33jiC%2BICaHX%2BL5RbwIe%2B3uKcZ5SQaZztW2oiuiOWw7rU69%2BKn02HiZFxii6TeSZiG0whdqgvv97fSX2pJ2TPwtPXdEV94lvJWy5asv%2BimitOMjdFVdsV2hVtYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f297131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=2252&rtt_var=5737&sent=294&recv=41&lost=0&retrans=0&sent_bytes=304080&recv_bytes=10194&delivery_rate=1669675&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/no.png

172.67.209.11

200 OK

188 B

URL GET HTTP/3
trade500intal.org/assets/icons/no.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
188 B (188 bytes)
Hash
9ab247293b19eae218bec13f87864e53
30c04c539f61114e76d00c6b487b671b1114aa6c
4e30891e582a3005d2f5a19a679720ae37d8c104a369ac854a24a930e816e6ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/no.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 188
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-bc"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FyB99h2A4pIrECBkPCfZ7j79GiPbeHNPs%2B042qG9ONXxsvazq1ZVMxbi06wAaojiGtsIVDbfVadSNO6Zk2fFPYDUjUNITwh%2FRlsVJL810wm1BMCOSdmqseCZQyZlehG%2F7z%2Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f2b7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=2252&rtt_var=5737&sent=295&recv=41&lost=0&retrans=0&sent_bytes=305041&recv_bytes=10194&delivery_rate=1669675&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=448&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/lt.png

172.67.209.11

200 OK

2.0 kB

URL GET HTTP/3
trade500intal.org/assets/icons/lt.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.0 kB (2043 bytes)
Hash
de6bfa58388d68a465a785ab163e6f36
ef5f925b130ea98b2c206a9b7014fe6c9d21956b
f3d05bdf0def3efa50fc7c318451ad86e44309b88ce9e7a7496a3641a55131af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/lt.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2043
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-7fb"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yigjlZcFqzkMDmp60kFu1SAfZrlM15%2FH0%2BNa4hLWnTOZj90ySBWMVHslzXA7xZA3AR2K38OCQDdZk%2F3lb0ocwJRu8%2F1AaPIfKyzeWHGFRAH%2B%2FEO9729J5jJm0g4nQtwqaxuW5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f287131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=2252&rtt_var=5737&sent=296&recv=41&lost=0&retrans=0&sent_bytes=305981&recv_bytes=10194&delivery_rate=1669675&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=448&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/ro.png

172.67.209.11

200 OK

2.1 kB

URL GET HTTP/3
trade500intal.org/assets/icons/ro.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2068 bytes)
Hash
c31d2f080db103a327b410512ec012be
9b48eb709dfc10aeb339358c3411f4d238b19531
457cbf3ddc70e0cac8bd889d00564f6a19588d6015883674576ee93dcd595146

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/ro.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2068
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-814"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLgg9JtGz8ll1NK2omTGcoC08YlQErfgSGloxPZaxvik2X3n%2B76EnMZwYvgw1fC5GrQ%2FosFR9OTEF9ItPAqrD5ughZuwCu%2BalL6m3JyKUL8fCXw%2Be2475ar3k5uOR%2F0FwlDPXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b57f327131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7027&min_rtt=2252&rtt_var=5737&sent=299&recv=41&lost=0&retrans=0&sent_bytes=308833&recv_bytes=10194&delivery_rate=1669675&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=450&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icon-2.webp

172.67.209.11

200 OK

3.9 kB

URL GET HTTP/3
trade500intal.org/assets/icon-2.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.9 kB (3896 bytes)
Hash
f2576eff8aad5f3578a476afabf693cc
dd635c8aeb5d8476ede950b94fec969a591978d3
b9b05c1f9e3bc5764e1c72597893f1c6ad601a39b1f4919d3cc0d66b6c709aaf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icon-2.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 3896
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-f38"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BjXPkgsSRLtoyu8LFjKW%2B9fZM57p8nzqjrp%2BOXcx3XqaVbJXnWltq6VUVmXWi86wcViq12Kdag5GXMfncktd4nj0pG55KkjNYWQ45S0v5ouqPS6Dikeeffe2vxyYdnPDYp3MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f487131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6942&min_rtt=2252&rtt_var=4491&sent=302&recv=43&lost=0&retrans=0&sent_bytes=311710&recv_bytes=10286&delivery_rate=493123&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=460&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icon-1.webp

172.67.209.11

200 OK

4.3 kB

URL GET HTTP/3
trade500intal.org/assets/icon-1.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.3 kB (4330 bytes)
Hash
1dcc1a58ebb2afe68f919e15be2e04a5
b0f5fcd198c42a051747e18e68dd1fe5a796f33b
9055d3745e0169770f48767f8d4b331678b408cb7b3a4f84184f6e3565c109cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icon-1.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 4330
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-10ea"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2FimQcxulin%2FgfOpniuUQET0F1TNTcC0bcZRg%2FV2sKhfFb2r3WDk6ZZ%2B%2FrpDo9EsT1EfnOErd%2FFTRn0aQMwd4ceYaLziTgoGBWfjqnzB3OwrmnrB8QIXrbMSCaIu1KCRH3ITog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f477131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6942&min_rtt=2252&rtt_var=4491&sent=306&recv=43&lost=0&retrans=0&sent_bytes=316450&recv_bytes=10286&delivery_rate=493123&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=461&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/video-image.webp

172.67.209.11

200 OK

106 kB

URL GET HTTP/3
trade500intal.org/assets/video-image.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 831x584, Scaling: [none]x[none], YUV color, decoders should clamp
Size
106 kB (105722 bytes)
Hash
73f7d60123f6e1b0e8cdb6733f6827c4
25687e9537660da703b8f2fd1d501ca94a3d96f0
c737f8cf6b4e19768a216d47729b9e382fed5a9aea49431f67d66ba5cde5a2de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video-image.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/webp
content-length: 105722
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-19cfa"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9iBHhbQYjpJHQiYKqPthIK5zS9jOxkniQoRcA%2F1UaLQG1u8R4oqT16iHxkYnojxFHaZAfJVrFKAYChOjEmDDzZYPHLgfDJOcfFv0J46niPC5ZRxrcr83miDCIr6IUse3yVXgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f407131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5146&min_rtt=1405&rtt_var=4596&sent=321&recv=46&lost=0&retrans=0&sent_bytes=332715&recv_bytes=10421&delivery_rate=7240963&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=516&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/half-2.webp

172.67.209.11

200 OK

24 kB

URL GET HTTP/3
trade500intal.org/assets/half-2.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24250 bytes)
Hash
08524b38677dc64c891ed649587fa494
14a8093beee6c2dff5bd94d73e873bf2fc1ed2eb
da479e0773ba81510413b7be106dde87788f092aa169369cf205208e12400b44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/half-2.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 24250
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-5eba"
expires: Fri, 19 Dec 2025 16:52:12 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxxr3UbcnkfSc9HRXN%2FLxdaw4Ox1p1ChNVDWu9Gt3Cka4dt7yT%2FYkHfYw89MQUJGkVVtJbC6KTVSpi%2B%2BNA11My%2FYmY5gxZA5Im%2F9XTstuJzUZMlkPdIkkdS%2B9KXpz%2BVFN0uiyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b749837131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4620&min_rtt=1405&rtt_var=3408&sent=418&recv=54&lost=0&retrans=0&sent_bytes=442051&recv_bytes=12473&delivery_rate=15945944&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/half-4.webp

172.67.209.11

200 OK

45 kB

URL GET HTTP/3
trade500intal.org/assets/half-4.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
45 kB (45294 bytes)
Hash
fbf51bf9a06ef21d63bd905ed7ee163a
24e0d62493cd61ef1f611d3f1f9a7ca23d3836d9
d2420db4cb3b315204815d9790d0fba0888033d45aa544d7b1c1caa90bc33089

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/half-4.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 45294
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-b0ee"
expires: Fri, 19 Dec 2025 16:52:12 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TwrdeWUye8HJDbYpb%2FqmsXqHpnQYuNZ9JmHdEcESk2lzCJZPfzmsKDOUwsfIcnvxmj8dwC0b3VeC%2FX0qpUCs5QGag4NXLDiSHzkr%2BYIqHBfGZ56dxSDiK4rsfLlT69ON8ZXMGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b759877131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4620&min_rtt=1405&rtt_var=3408&sent=440&recv=54&lost=0&retrans=0&sent_bytes=467691&recv_bytes=12473&delivery_rate=15945944&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=653&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/bg-image-1.webp

172.67.209.11

200 OK

9.0 kB

URL GET HTTP/3
trade500intal.org/assets/bg-image-1.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x461, Scaling: [none]x[none], YUV color, decoders should clamp
Size
9.0 kB (9000 bytes)
Hash
0cfa79acd2c771f16bd5c8db9ecd19e1
88364005adb6efe690336193c73423a423e2dbf6
88ea6f64b915efa18bd10147baf1b9e2fc8881f67568c81e273f0c273823afa0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bg-image-1.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 9000
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-2328"
expires: Fri, 19 Dec 2025 16:52:12 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlenKFnhjc%2B5RjPYINuDjSPvZWBPHPQG%2FV%2FbwLpuAp5mlOw8uWND5GC%2B0Lq09kGBwcBRBoRfYm1afqw5OwdAWHO67PXXB0dGAR5tCmOcRq9RL5L4cQSnluSrI5PaI6oVgWrIug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b7598a7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4370&min_rtt=1405&rtt_var=3054&sent=480&recv=55&lost=0&retrans=0&sent_bytes=514905&recv_bytes=12519&delivery_rate=2168582&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=656&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/main.js

172.67.209.11

200 OK

110 kB

URL GET HTTP/3
trade500intal.org/main.js
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
gzip compressed data, from Unix
Size
110 kB (109470 bytes)
Hash
7c7625338d1f665780dad71ddbda6786
4b2d70fea4af7a65d1f1728aa2e7f1ff6eaded7d
f182ebb833bc5ae7481b2921ac3c74e3dcde37f6c500a5f44004835975c97ae3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.js HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
vary: Accept-Encoding
etag: W/"675af481-1da7d"
expires: Fri, 19 Dec 2025 16:51:57 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: HIT
age: 172261
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8YJYPZZoyRGD264Gfibig88s4hg%2FZJEU63r6VVOMQHmOtxujXADVy9kVmwX0XTDf7kqTNfHN3d7gbvHO0lT4ECIVNeU3fN2y0ocig%2FIxsoFvigKUswYeJ%2BAAiYgP79ekAuDPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5116b58f507131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=64&recv=36&lost=0&retrans=0&sent_bytes=39449&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=377&x=1", cfExtPri, cfHdrFlush;dur=17

GET trade500intal.org/assets/half-6.webp

172.67.209.11

200 OK

20 kB

URL GET HTTP/3
trade500intal.org/assets/half-6.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
20 kB (19472 bytes)
Hash
dda663037edb8be1304b5e1796c7bd9a
232ccb1c38a4a37c003acf7f11c046bc93330ad0
be7e1e801b90c366522d879084808ccf4498b2d15a7cd0b0d9d07f71167615c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/half-6.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 19472
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-4c10"
expires: Fri, 19 Dec 2025 16:52:13 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172246
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hks51JxBk4EYJ1dC3mrPE3UE3K5Wh6ALvu74GwlsYNzU3Li0lANz6vKPfPz4I3EOcBQKQhSam24vJ88KrZYvlLZmvMLD4cn7tG4hXDbZKFXWdXcZovhWr5ijWZnwczJNjBCpgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b759947131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4002&min_rtt=1405&rtt_var=3027&sent=548&recv=56&lost=0&retrans=0&sent_bytes=594933&recv_bytes=12565&delivery_rate=6157184&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=660&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/bg-image-2.webp

172.67.209.11

200 OK

24 kB

URL GET HTTP/3
trade500intal.org/assets/bg-image-2.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
24 kB (24176 bytes)
Hash
931053e7100e86c9f2030baff1c36966
a5b14b10f1881e9a9431b1727a76cc8fee0af87b
23d8cf0aad038379bb6ed6b77115b779278b15c08193f97bca25affc660ebaac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bg-image-2.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 24176
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-5e70"
expires: Sun, 21 Dec 2025 16:42:59 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjSv5SEsO7MxmBxiZf0r%2FaSKDxvCL%2BQ9M%2F2xsRlqcWJsCm7mLN7F7Ke5dqUYuBmihFolc8BXShAmOXYNUYioG432Ac4INOHuYVIdW9ZU2RuR%2F7uHzXtTEfkTo0AvevE7ecfmqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b759917131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11062&min_rtt=1405&rtt_var=13719&sent=568&recv=58&lost=0&retrans=1&sent_bytes=616891&recv_bytes=12656&delivery_rate=1749429&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=778&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/half-3.webp

172.67.209.11

200 OK

37 kB

URL GET HTTP/3
trade500intal.org/assets/half-3.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
37 kB (37312 bytes)
Hash
e81ea40d045f610ff2fd5df6cd675e50
a39ff80021eaf8e0846a49e9b3b0bf23ad98e071
5bad1ba6160ab388ec1ed949e7609cd3d0baf00a622800f0c8a96d9cdedf0b6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/half-3.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 37312
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-91c0"
expires: Sun, 21 Dec 2025 16:42:59 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qi1%2BdNWdKmxsGKYELUXe04q3a4kbKE3Tgb6OQuxgRk0hqwSYMjutSYSJgZN4mw%2FC8ui2Q8G6s10pGn%2FVsuursdMKlYLu5FYxlIAs6kCDCoF5GJuOT95AZE79W7Jbf6l2ISL3nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b749847131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10161&min_rtt=1405&rtt_var=12092&sent=590&recv=59&lost=0&retrans=1&sent_bytes=642438&recv_bytes=12702&delivery_rate=4273838&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=863&x=1", cfExtPri, cfHdrFlush;dur=0

GET fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0
Size
31 kB (30928 bytes)
Hash
57cf39e316b7e79e7cd2c70bdd01c8a0
3cb638f40c93c286c90f8b3bbc179ecd9fd182a5
fab57614b562fa655d1663afa2720078a3b016e0fd780cf7305c06338642516f

HTTP Headers

GET /s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trade500intal.org
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 18:55:28 GMT
expires: Sat, 13 Dec 2025 18:55:28 GMT
cache-control: public, max-age=31536000
age: 596851
last-modified: Thu, 03 Feb 2022 00:12:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET trade500intal.org/main.css

172.67.209.11

200 OK

85 kB

URL GET HTTP/3
trade500intal.org/main.css
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
gzip compressed data, from Unix
Size
85 kB (84579 bytes)
Hash
863121d3fbb53ead1e768b3a04f64632
523e9319016faa4491d2a0f3bab0a2b8ce8b555f
ba6aa7c988318b811c82a3c4e5ba4f405ef76613444a446051655a5be83d0e9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.css HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: text/css
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
vary: Accept-Encoding
etag: W/"675af481-d56d"
expires: Sun, 21 Dec 2025 16:42:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Ge69dcO4522n2YDJ9QsppUA9mTlx9Bz6k9CeFOpZMqzTkROxnYZhsFkurlvRYOLL09sxH%2FPOr9g2rf%2FNVGZUryf2WPktH0eKkYl3uXKpX0qlLemf3yeS6a2tRSJ5JtW1v%2FH%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5116b58f4f7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5663&min_rtt=1405&rtt_var=4749&sent=311&recv=45&lost=0&retrans=0&sent_bytes=321655&recv_bytes=10376&delivery_rate=6324115&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=467&x=1", cfExtPri, cfHdrFlush;dur=0

GET fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0
Size
31 kB (30928 bytes)
Hash
57cf39e316b7e79e7cd2c70bdd01c8a0
3cb638f40c93c286c90f8b3bbc179ecd9fd182a5
fab57614b562fa655d1663afa2720078a3b016e0fd780cf7305c06338642516f

HTTP Headers

GET /s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trade500intal.org
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 18:55:28 GMT
expires: Sat, 13 Dec 2025 18:55:28 GMT
cache-control: public, max-age=31536000
age: 596851
last-modified: Thu, 03 Feb 2022 00:12:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0
Size
31 kB (30928 bytes)
Hash
57cf39e316b7e79e7cd2c70bdd01c8a0
3cb638f40c93c286c90f8b3bbc179ecd9fd182a5
fab57614b562fa655d1663afa2720078a3b016e0fd780cf7305c06338642516f

HTTP Headers

GET /s/montserrat/v23/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://trade500intal.org
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 18:55:28 GMT
expires: Sat, 13 Dec 2025 18:55:28 GMT
cache-control: public, max-age=31536000
age: 596851
last-modified: Thu, 03 Feb 2022 00:12:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-C9K99C6T3W&l=dataLayer&cx=c&gtm=45He4cc1v9135991281za200

142.250.74.168

200 OK

110 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-C9K99C6T3W&l=dataLayer&cx=c&gtm=45He4cc1v9135991281za200
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
110 kB (109939 bytes)
Hash
4a0558fceda2f59a7e45855c5dfe90d9
81d094f5f2b8291dbcac9ccf6b34f992787a7d51
0a33da0e70c6d974e009e227d63627ebb4119bb30a6be931837724767e57f926

HTTP Headers

GET /gtag/js?id=G-C9K99C6T3W&l=dataLayer&cx=c&gtm=45He4cc1v9135991281za200 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 20 Dec 2024 16:42:59 GMT
expires: Fri, 20 Dec 2024 16:42:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 109939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js

104.17.25.14

200 OK

8.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26769)
Size
8.8 kB (8785 bytes)
Hash
93f6382d5133c281b06c0be5ca586758
2136ce1c821d370037d49d5a95c098ff7b57578c
a9bcec844760f8897f435bf95daede0d8096356344e3f45b634d95bcec64effa

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/js/intlTelInput.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 8785
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-6f5f"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2014505
expires: Wed, 10 Dec 2025 16:42:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6G5rJdZnTV2er6XhlRCKJEHocCAGib%2B0wqhXm55O4oNjqfSyoZb8VJkVKftI8ZRwinUwImzmPi2af5EXOrYC7kTIpDrj%2FvHWLamcFOcSpzyZBAYMDESZx23UQOCpZM3idBESOTvo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f5116bc59f7568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css

104.17.25.14

200 OK

2.0 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
ASCII text
Size
2.0 kB (1970 bytes)
Hash
a69aa970266649e0b08c2cb4bc166568
d9314a52085a2bb6d284421bb18a4c546ecb73d4
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/css/intlTelInput.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: text/css; charset=utf-8
content-length: 1970
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-62a6"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4699180
expires: Wed, 10 Dec 2025 16:42:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2T6BeWbyBb4EYQVXvToJOfXCytwY9bJ13mgSfyEt15t0kg1r%2Bb9jMga6xM4RxL%2B4Ezm0Y0%2B9SpZ9VLPQkSu9lBR16PcTZ0iH%2FS3VfB%2FRwRN4U7Zf4FX2B%2FlSlw5563WF6lCRiMOL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f5116bc69fe568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js

104.17.25.14

200 OK

44 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/utils.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (1662)
Size
44 kB (44499 bytes)
Hash
6cbc725386e043d896c9379c1c21a311
24f601db0688c59c0d8c43b5ff88081b144b638e
8171bc06dd2686fa266edbf806141c2aab2cacd093a0691ae61fa84f839b73d4

HTTP Headers

GET /ajax/libs/intl-tel-input/16.0.8/js/utils.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 44499
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea6-3a59e"
last-modified: Mon, 04 May 2020 16:11:18 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5057823
expires: Wed, 10 Dec 2025 16:42:59 GMT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooXKd3K5afA%2B0Cr68NM6cHr%2BZQN62O4Wt9V1TAz75campHyld2QaZ6C4iBPOyJWm4ilkpyxF0V6qOE3S53XzhfpuU9jTPkb112nv%2B3Xd56WbE4YW5fOWFfBY3Zp0Q3mbOOHN91EN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8f5116bcdf14b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET trade500intal.org/assets/flags.webp

172.67.209.11

200 OK

38 kB

URL GET HTTP/3
trade500intal.org/assets/flags.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
38 kB (38284 bytes)
Hash
6f1a77290dd430a55b1e92c49054dd15
a0e3a2209fe1ab512b04d21cc75911f151feda7e
04dc27defddb019429dd7fac572bd67c438279474c20e52a400a1b49e45316b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/flags.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Cookie: _ga_C9K99C6T3W=GS1.1.1734712979.1.0.1734712979.0.0.0; _ga=GA1.1.1050043061.1734712980
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:43:00 GMT
content-type: image/webp
content-length: 38284
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-958c"
expires: Fri, 19 Dec 2025 16:52:18 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172242
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omr4nzOMksX1BOFfUcidVJHBjk1jEb5wJ0Fz2ObQ4ro75qreVFJDoECgRFQab12rUmDTf2ZkHwFGLbJfjCOdC07EPkq5VJly9Y1Opw%2Fb8fw9XzLWXUCvwmU9lWUKU7odBypUpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116bd389c7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8158&min_rtt=1405&rtt_var=10279&sent=653&recv=63&lost=0&retrans=1&sent_bytes=714395&recv_bytes=13416&delivery_rate=236747&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=1601&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/favicon.ico

172.67.209.11

200 OK

38 kB

URL GET HTTP/3
trade500intal.org/favicon.ico
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
gzip compressed data, from Unix
Size
38 kB (37957 bytes)
Hash
75a785188c33bb8cc4491246e5197d40
ff21e61a3a1ba2c5d74df91d3952fca8a444da28
60b001c75cdea23c1ccc2494bdc9be03ce3634db0327ba06bcea5634d6b1238e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/x-icon
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
vary: Accept-Encoding
etag: W/"675af481-1b219"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1MBLEodSUFI5K3U7t9dRqiRvognUoRHYOzh%2FX8PhFB7Brnp24Ss7EGyocbLenBa7FNZPL3NexHwhYjo2t5TH5LSIO8bklgktngcOJajYPDodSadAQt0grzCQenm6sz3YSKiKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5116b9dc8f7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9104&min_rtt=1405&rtt_var=11182&sent=624&recv=61&lost=0&retrans=1&sent_bytes=681479&recv_bytes=13023&delivery_rate=10748730&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=1189&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.209.11

200 OK

1.2 kB

URL GET HTTP/3
trade500intal.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
HTML document, ASCII text, with very long lines (1271), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
40d981045a7516cdadd00e8dccc9c58d
8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3
71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 15:31:09 GMT
etag: W/"675318bd-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao%2FlMq6mCENytXBsPpwhL07l7Opzm1ElNEdeag3mxf%2FHC1znDxc6vMpdVnn4ktRFFw3d%2FLR88jf75zn0buXCIZVK%2FO8ExM1LxUCyE8d1eR71c9t1SFH48QwMf4I4XPnIsMfavw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b58f4e7131-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 22 Dec 2024 16:42:58 GMT
cache-control: max-age=172800, public
content-encoding: gzip

GET www.googletagmanager.com/gtm.js?id=GTM-WDC8W4LW

142.250.74.168

200 OK

211 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-WDC8W4LW
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintFA:A6:D6:5C:A6:DC:BE:D1:9A:34:42:70:3B:66:13:21:40:A4:C9:E4
ValidityMon, 02 Dec 2024 08:35:56 GMT - Mon, 24 Feb 2025 08:35:55 GMT

File type
JavaScript source, ASCII text, with very long lines (2530)
Size
211 kB (210623 bytes)
Hash
6521afc7565303d1a2f34241073a43dd
37fdbb60ec0c0a168967a9a6916f5ee58727f644
0da34ed95d15b7b1f635e4165ec1d156a2ae8870c3409deba84c4cd783292dcb

HTTP Headers

GET /gtm.js?id=GTM-WDC8W4LW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 20 Dec 2024 16:42:59 GMT
expires: Fri, 20 Dec 2024 16:42:59 GMT
cache-control: private, max-age=900
last-modified: Fri, 20 Dec 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
server: Google Tag Manager
content-length: 74520
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET trade500intal.org/assets/footer/form/en/risk.svg

172.67.209.11

200 OK

1.0 kB

URL GET HTTP/3
trade500intal.org/assets/footer/form/en/risk.svg
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1021 bytes)
Hash
afe2676e04b3d9ba566bdff8951d2013
f8a62edb9953ce4589198f7c8a9fe5fb92b95e4b
c7a65770e11a7d2ff556240c70837fb462d3a56d6094d8feae96cb557eabbee9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/footer/form/en/risk.svg HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/svg+xml
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
vary: Accept-Encoding
etag: W/"675af481-3fd"
expires: Fri, 19 Dec 2025 16:52:11 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: HIT
age: 172247
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmfMJB%2FTpskDYdAmuTaqueIqgPKWMWsV%2BktQRsSmZ2gymhFmnm%2FXZGItEkPeCCUDp21arGgbrnMl7k%2FTLiBXFLn7r4WQSe4Jk0q48k9zhIOhcKsSzo5j2bVoKsTAyoWF9EQBhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5116b58f467131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=59&recv=36&lost=0&retrans=0&sent_bytes=34984&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=368&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/half-5.webp

172.67.209.11

200 OK

68 kB

URL GET HTTP/3
trade500intal.org/assets/half-5.webp
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
RIFF (little-endian) data, Web/P image
Size
68 kB (67540 bytes)
Hash
d05973d44a507a3989e947c9dc8e6cfd
d9042f0da3ae431aabac62ae7c32fd8b99c4e7d8
f1e809c1812dfc608679c1a682ee02efe9468925f5c301657798e01f59f3ef1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/half-5.webp HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:59 GMT
content-type: image/webp
content-length: 67540
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-107d4"
expires: Fri, 19 Dec 2025 16:52:12 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaQQJ1EFAvGJXmWdnwMTtmQjFyq%2FxtWIf9oQGcMgXQPIb27dtSNLyjfhMh%2BwSWyRqbFX6wJoTOfLpHzMcVKXELEDPdfuf0lNnK6ZMFm0NRuebXWzwSQ1lnZhvkzfKTDPbHkifA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b7598e7131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4370&min_rtt=1405&rtt_var=3054&sent=489&recv=55&lost=0&retrans=0&sent_bytes=524899&recv_bytes=12519&delivery_rate=2168582&cwnd=208200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=657&x=1", cfExtPri, cfHdrFlush;dur=0

GET trade500intal.org/assets/icons/ae.png

172.67.209.11

200 OK

2.6 kB

URL GET HTTP/3
trade500intal.org/assets/icons/ae.png
IP
172.67.209.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://trade500intal.org/
Certificate
IssuerGoogle Trust Services
Subjecttrade500intal.org
Fingerprint50:3B:5C:4E:E4:F2:80:EC:2C:04:11:38:A8:90:21:33:69:95:2A:89
ValidityThu, 07 Nov 2024 18:09:39 GMT - Wed, 05 Feb 2025 18:09:38 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2636 bytes)
Hash
7e91c35e14525844d660075974817cb9
2f8e9f21f112cdd12c6cb6ffafca6882a8d854f0
b04c8b81bc009bd81239e19e6ef62930079bbd2ceee13d695754aa75b81bdbd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/icons/ae.png HTTP/1.1
Host: trade500intal.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://trade500intal.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 20 Dec 2024 16:42:58 GMT
content-type: image/png
content-length: 2636
last-modified: Thu, 12 Dec 2024 14:34:41 GMT
etag: "675af481-a4c"
expires: Fri, 19 Dec 2025 16:51:58 GMT
cache-control: max-age=31622400
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 172260
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BBgUjg8RoHShKbtuapMVWoWN%2FVr7tjhtyxC5bj%2BczrDk%2BfczAugfWUoazyyjvC3miPhK1XYDbLD2L5i6oJLt4AiLnSVmvw4%2FQrk9v%2FNGwti78xfbPQaqiwcFkO6yEwvIKZSj0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5116b55ef37131-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6425&min_rtt=3542&rtt_var=2526&sent=45&recv=36&lost=0&retrans=0&sent_bytes=20249&recv_bytes=9966&delivery_rate=639973&cwnd=19200&unsent_bytes=0&cid=96dea1a9cc111f51&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (51)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash