![](/screenshots/b02eb839-a861-437a-87b6-42e17e0607c0.png)
sayhellotomalware.shop
Open in
urlscan Pro
2606:4700:3030::ac43:cf74
Public Scan
Submission: On February 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on January 17th 2024. Valid for: 3 months.
This is the only time sayhellotomalware.shop was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 2606:4700:303... 2606:4700:3030::ac43:cf74 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
sayhellotomalware.shop
sayhellotomalware.shop |
2 MB |
4 | 1 |
Domain | Requested by | |
---|---|---|
4 | sayhellotomalware.shop |
sayhellotomalware.shop
|
4 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sayhellotomalware.shop GTS CA 1P5 |
2024-01-17 - 2024-04-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sayhellotomalware.shop/get/65b897fcf73152c22b46900f
Frame ID: 092926F81B783DE70D7D7F5641DCF971
Requests: 4 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
65b897fcf73152c22b46900f
sayhellotomalware.shop/get/ |
4 MB 2 MB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blazor.server.js
sayhellotomalware.shop/_framework/ |
132 KB 38 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
initializers
sayhellotomalware.shop/_blazor/ |
2 B 511 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
negotiate
sayhellotomalware.shop/_blazor/ |
316 B 626 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| DotNet object| Blazor0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sayhellotomalware.shop
2606:4700:3030::ac43:cf74
24bc10d0d7489e9b4ed6ccbe3cdfff068622bfa87f229101d2b0d0f6923c14cf
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
75fe040aea56ee1f704872de00c809f167f42aec7c438467e9304e8c08d27825
e4fc477462aedb4bc20af48d1c9008bdc8e3245e566fa3b6cae77b12f09d40ab