Report - ufyx22ah.top/index/user/register/invite

Report Overview

Visited public
2025-04-16 09:58:53
Tags
Submit Tags
URL
ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Finishing URL
ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
IP / ASN
70.39.119.100
#46844 SHARKTECH
Title
Cuenta registrada

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ufyx22ah.top	unknown	2024-12-26	2025-03-06	2025-03-06	8.8 kB	731 kB	70.39.119.100
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-16	912 B	24 kB	142.250.178.106
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-16	1.6 kB	211 kB	142.250.178.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed
2025-04-16	medium	ufyx22ah.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	ufyx22ah.top/red/jquery.cookie.js	ScriptElement	3.1 kB	2023-03-07	2025-07-19
Pretty URL ufyx22ah.top/red/jquery.cookie.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-07-19 05:20 Times Seen8258 Hash d5528dde0006c78be04817327c2f9b6f 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8 b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8 Loading...

	ufyx22ah.top/red/jquery-3.3.1.min.js	ScriptElement	87 kB	2023-03-07	2025-07-19
Pretty URL ufyx22ah.top/red/jquery-3.3.1.min.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-19 06:19 Times Seen66038 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	ufyx22ah.top/static_new/js/dialog.min.js	ScriptElement	28 kB	2023-04-07	2025-07-17
Pretty URL ufyx22ah.top/static_new/js/dialog.min.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-07 00:16 Last Seen2025-07-17 05:13 Times Seen3420 Hash 5b00205ad1fe51bf8f61bcb3de292faa 4b12f988964d29bd82b14e71b86104a1a91b667b d1eef2b2ff683e089b9d124aa8090e174252e0894af20ae6d78fed7dc69744d5 Loading...

	ufyx22ah.top/red/swiper/swiper-bundle.min.js	ScriptElement	140 kB	2023-03-07	2025-07-19
Pretty URL ufyx22ah.top/red/swiper/swiper-bundle.min.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20 Last Seen2025-07-19 01:46 Times Seen3342 Hash c4358cb63a4b96c5d71a2fb630871f30 be3b7d9d5bbd680d035f768345778d84eb08fe23 c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229 Loading...

	ufyx22ah.top/red/bootstrap/js/bootstrap.min.js	ScriptElement	64 kB	2023-03-07	2025-07-19
Pretty URL ufyx22ah.top/red/bootstrap/js/bootstrap.min.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-19 05:43 Times Seen6511 Hash f0c2bcf5ef0c4476508d79ec9cdcce07 3beed68ed7d753c6bf4f61c26386ddd7929ba030 edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba Loading...

	ufyx22ah.top/red/popper.min.js	ScriptElement	21 kB	2023-03-07	2025-07-18
Pretty URL ufyx22ah.top/red/popper.min.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-07-18 20:57 Times Seen10679 Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Loading...

	ufyx22ah.top/static_new/js/common.js	ScriptElement	2.1 kB	2023-03-07	2025-07-17
Pretty URL ufyx22ah.top/static_new/js/common.js IP 70.39.119.100 ASN #46844 SHARKTECH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20 Last Seen2025-07-17 05:40 Times Seen1322 Hash 406be4345cfb532036cad97a814bc41a 675d6a1546566c56cbfdd718373b19f26f79f3bc c086a692a01d650dccb602faf9fbea54f920546532821ad19cdefeb750eea586 Loading...

HTTP Transactions (21)

URL IP Response Size

GET ufyx22ah.top/index/user/register/invite_code/2V489P.html.html

70.39.119.100

302 Found

16 kB

URL User Request GET
ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type

Size
16 kB (16016 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/user/register/invite_code/2V489P.html.html HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: openresty
date: Wed, 16 Apr 2025 09:58:31 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; path=/; HttpOnly
think_var=es-mx; expires=Wed, 16-Apr-2025 10:28:31 GMT; Max-Age=1800; path=/; HttpOnly
cache-control: no-cache,must-revalidate
location: /index/user/register/invite_code/2V489P.html.html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

GET ufyx22ah.top/index/user/register/invite_code/2V489P.html.html

70.39.119.100

200 OK

16 kB

URL User Request GET
ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2808)
Size
16 kB (16016 bytes)
Hash
f16065099f17052f3836aa4ba164d54f
c6909f17b473d5a410fdc65d9e3aab94256c5256
0759ef685c740683e3969150ba5fbfbe37ecc26327164d38cda04c9f345b1b97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/user/register/invite_code/2V489P.html.html HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

142.250.178.106

200 OK

22 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT

File type
ASCII text, with very long lines (1572)
Size
22 kB (22340 bytes)
Hash
1f909c4000109a6d5ae4bcd93d60cff9
a0ee88aefa18f7b4c1a0a69fff4bacccc77250dd
e03021bbfb5ae6e1dee9f03d868637c4e90af3fc5f445c520579fe8152521948

HTTP Headers

GET /css?family=Roboto:300,400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Apr 2025 09:58:32 GMT
date: Wed, 16 Apr 2025 09:58:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/swiper/swiper-bundle.min.css

70.39.119.100

200 OK

14 kB

URL GET
ufyx22ah.top/red/swiper/swiper-bundle.min.css
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
ASCII text, with very long lines (13663)
Size
14 kB (13921 bytes)
Hash
4d0619d7577a990881a0079718c5c92e
02553ae8ed1026ae5e1fe6cc5883fd42379e5e68
f9a55bcc80d6d8b2815299c5501cddaa8e5f3f697cdb8f5ce1e3e924097117ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/swiper/swiper-bundle.min.css HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: text/css
last-modified: Sat, 06 Mar 2021 08:40:02 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60433fe2-3661"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/swiper/swiper-bundle.min.js

70.39.119.100

200 OK

140 kB

URL GET
ufyx22ah.top/red/swiper/swiper-bundle.min.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65278)
Size
140 kB (139961 bytes)
Hash
c4358cb63a4b96c5d71a2fb630871f30
be3b7d9d5bbd680d035f768345778d84eb08fe23
c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/swiper/swiper-bundle.min.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 08:40:04 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60433fe4-222b9"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ufyx22ah.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 18:15:43 GMT
expires: Fri, 10 Apr 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 488570
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ufyx22ah.top/favicon.ico

70.39.119.100

301 Moved Permanently

13 kB

URL GET
ufyx22ah.top/favicon.ico
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type

Size
13 kB (12729 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: openresty
date: Wed, 16 Apr 2025 09:58:33 GMT
content-type: text/html; charset=utf-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache,must-revalidate
location: /index/user/login.html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/icon?family=Material+Icons

142.250.178.106

200 OK

565 B

URL GET
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT

File type
ASCII text
Size
565 B (565 bytes)
Hash
736c83e15fc300de505f6ce9762a9396
31c0f11ada78e92970ff42d990116d77c169c6d7
c31266310101d0b1607937a7baf07f1601b7637bd2373176696488a07d7b4302

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 16 Apr 2025 09:58:32 GMT
date: Wed, 16 Apr 2025 09:58:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/bootstrap/css/bootstrap.min.css

70.39.119.100

200 OK

161 kB

URL GET
ufyx22ah.top/red/bootstrap/css/bootstrap.min.css
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
ASCII text, with very long lines (65326)
Size
161 kB (161409 bytes)
Hash
d432e4222814b62dd30c9513dcc29440
2cac4afc120983921411296bd4e8fd8a94ba237e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: text/css
last-modified: Sat, 06 Mar 2021 19:08:22 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6043d326-27681"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/bootstrap/js/bootstrap.min.js

70.39.119.100

200 OK

64 kB

URL GET
ufyx22ah.top/red/bootstrap/js/bootstrap.min.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (63188)
Size
64 kB (63467 bytes)
Hash
f0c2bcf5ef0c4476508d79ec9cdcce07
3beed68ed7d753c6bf4f61c26386ddd7929ba030
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 19:08:34 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6043d332-f7eb"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/jquery.cookie.js

70.39.119.100

200 OK

3.1 kB

URL GET
ufyx22ah.top/red/jquery.cookie.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, ASCII text
Size
3.1 kB (3121 bytes)
Hash
d5528dde0006c78be04817327c2f9b6f
31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/jquery.cookie.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 08:36:04 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60433ef4-c31"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/static_new/js/dialog.min.js

70.39.119.100

200 OK

28 kB

URL GET
ufyx22ah.top/static_new/js/dialog.min.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
28 kB (27898 bytes)
Hash
5b00205ad1fe51bf8f61bcb3de292faa
4b12f988964d29bd82b14e71b86104a1a91b667b
d1eef2b2ff683e089b9d124aa8090e174252e0894af20ae6d78fed7dc69744d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static_new/js/dialog.min.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Sun, 16 Feb 2020 02:13:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5e48a538-6cfa"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/style.css?v=V1.24

70.39.119.100

200 OK

126 kB

URL GET
ufyx22ah.top/red/style.css?v=V1.24
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
assembler source, Unicode text, UTF-8 text
Size
126 kB (125834 bytes)
Hash
dbff198b72185b1dcb0459530d3448d0
27cfb810e436d0056c61a31ded4a44f38dddee78
3cbb519777e7344cda59466cb5a6abdbce1cd039e877a352138e67dc0bc797bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/style.css?v=V1.24 HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: text/css
last-modified: Wed, 19 Jan 2022 21:58:46 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"61e88996-1eb8a"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/upload/dcf4623faf84d832/fa0d43f68d9d8905.png

70.39.119.100

200 OK

5.8 kB

URL GET
ufyx22ah.top/upload/dcf4623faf84d832/fa0d43f68d9d8905.png
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 225x225, components 3
Size
5.8 kB (5808 bytes)
Hash
dcf4623faf84d832fa0d43f68d9d8905
3f5fec3fd971f000df2d7364f4b4ac92a6235c90
f3f8ee67e4cd7465fbc08edf3921eb77a34e150ffd22b30827bbb83c0b81190f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/dcf4623faf84d832/fa0d43f68d9d8905.png HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: image/png
content-length: 5808
last-modified: Tue, 24 Dec 2024 16:16:51 GMT
etag: "676ade73-16b0"
expires: Fri, 16 May 2025 09:58:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.178.99

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ufyx22ah.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 18:15:43 GMT
expires: Fri, 10 Apr 2026 18:15:43 GMT
cache-control: public, max-age=31536000
age: 488570
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.178.99

200 OK

128 kB

URL GET
fonts.gstatic.com/s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v143/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ufyx22ah.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 18:17:11 GMT
expires: Fri, 10 Apr 2026 18:17:11 GMT
cache-control: public, max-age=31536000
age: 488482
last-modified: Wed, 08 Jan 2025 18:24:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET ufyx22ah.top/index/user/login.html

70.39.119.100

200 OK

13 kB

URL GET
ufyx22ah.top/index/user/login.html
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7466)
Size
13 kB (12729 bytes)
Hash
63ae4d29c44e35fc6e3771b074bc9f39
1b0c328dbf6eb96fb31b4ca1e26909851cba0919
64dfcd742958cdd596d59a3eff6bd8ca2a057d77106d3a8be313859d1ab6aa74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /index/user/login.html HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
DNT: 1
Connection: keep-alive
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/static_new/css/public.css?v=V1.24

70.39.119.100

200 OK

16 kB

URL GET
ufyx22ah.top/static_new/css/public.css?v=V1.24
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (16218 bytes)
Hash
8d9acb36e3f61379b86658df119cbe5f
4b40186551b53328baedb162e495dd276620c3fe
2509b72d37e08bbb3d3107b1cf2a5412c2cd17ca5b2949857b37557e192152d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static_new/css/public.css?v=V1.24 HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: text/css
last-modified: Sun, 16 Feb 2020 02:13:12 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5e48a538-3f5a"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/jquery-3.3.1.min.js

70.39.119.100

200 OK

87 kB

URL GET
ufyx22ah.top/red/jquery-3.3.1.min.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/jquery-3.3.1.min.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 08:34:36 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60433e9c-1538f"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/red/popper.min.js

70.39.119.100

200 OK

21 kB

URL GET
ufyx22ah.top/red/popper.min.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, ASCII text, with very long lines (20831)
Size
21 kB (21004 bytes)
Hash
56456db9d72a4b380ed3cb63095e6022
6dbce88aee15b42f29083df7a07513cf3b486ba0
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /red/popper.min.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Sat, 06 Mar 2021 08:34:54 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"60433eae-520c"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

GET ufyx22ah.top/static_new/js/common.js

70.39.119.100

200 OK

2.1 kB

URL GET
ufyx22ah.top/static_new/js/common.js
IP
70.39.119.100:443
ASN
#46844 SHARKTECH

Requested by
https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Certificate
IssuerLet's Encrypt
Subjectufyx22ah.top
FingerprintB5:89:35:65:AC:E1:8B:D1:1F:0C:61:D4:32:93:D2:AC:F8:B0:1C:74
ValidityWed, 26 Mar 2025 13:23:26 GMT - Tue, 24 Jun 2025 13:23:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.1 kB (2126 bytes)
Hash
406be4345cfb532036cad97a814bc41a
675d6a1546566c56cbfdd718373b19f26f79f3bc
c086a692a01d650dccb602faf9fbea54f920546532821ad19cdefeb750eea586

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static_new/js/common.js HTTP/1.1
Host: ufyx22ah.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ufyx22ah.top/index/user/register/invite_code/2V489P.html.html
Cookie: sbc014fe5=7sld5mveiudn0f67gunfq7u1a2; think_var=es-mx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 16 Apr 2025 09:58:32 GMT
content-type: application/javascript
last-modified: Mon, 30 Mar 2020 04:03:20 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"5e816f88-84e"
expires: Wed, 16 Apr 2025 21:58:32 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers