Sample details: 0cc806be7eaaec124833050899112976 --

Hashes
MD5: 0cc806be7eaaec124833050899112976
SHA1: a91bde6f742fe565a69ffc216199eabe1de56aaa
SHA256: fbf40ce70eb85d0f9229baf3d3efa4d5bacb8b5465fcb2675def682ce74641de
SSDEEP: 96:e49FIFhjJJE5C+hZTv7OXqofcXqowJ7epXD3m0/:vIF7JE5CGv6XqocXq5J7epD3/
Details
File Type: HTML
Added: 2019-10-09 15:21:58
Yara Hits
YRP/possible_includes_base64_packed_functions | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 | YRP/Big_Numbers1 |
Source
http://wolmedia.net/zdgfarragd2/paclm/IIYbncXznEjsmCHAxRQRPUQRaHe/
Strings
		<!DOCTYPE html>
<html lang="en-US" prefix="og: http://ogp.me/ns#">
<head>
  <meta charset="utf-8" />
  <meta name="robots" content="noindex, nofollow" />
  <meta name="generator" content="AntiBot.Cloud v. 5.06" />
  <meta name="referrer" content="unsafe-url" />
  <meta name="robots" content="noarchive" />
  <meta name="google" content="notranslate" />
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
  <meta property="og:title" content="AntiBot Cloud: 
  <meta property="og:type" content="article" />
  <meta property="og:url" content="//5.45.79.15/input/?mark=404" />
  <meta property="og:image" content="https://antibot.cloud/logo.png" />
  <link rel="icon" href="/favicon.ico">
<link rel= "dns-prefetch" href="https://ipv4alt.antibot.cloud/" />
<link rel= "dns-prefetch" href="https://ipv4main.antibot.cloud/" />
  <title>Just a moment...</title>
  <style>
    html, body {width: 100%; height: 100%; margin: 0; padding: 0;}
    body {background-color: #ffffff; font-family: Helvetica, Arial, sans-serif; font-size: 100%;}
    h1 {font-size: 1.5em; color: #404040; text-align: center;}
    p {font-size: 1em; color: #404040; text-align: center; margin: 10px 0 0 0;}
    #spinner {margin: 0 auto 30px auto; display: block;}
    .attribution {margin-top: 20px;}
    @-webkit-keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } }
    @keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } }
    .bubbles { background-color: #404040; width:15px; height: 15px; margin:2px; border-radius:100%; -webkit-animation:bubbles 0.6s 0.07s infinite ease-in-out; animation:bubbles 0.6s 0.07s infinite ease-in-out; -webkit-animation-fill-mode:both; animation-fill-mode:both; display:inline-block; }
  </style>
</head>
<body>
<script>
if (window.location.hostname !== window.atob("NS40NS43OS4xNQ==")) {
window.location = window.atob("aHR0cDovLzUuNDUuNzkuMTUvaW5wdXQvP21hcms9NDA0");
function timer(){
 var obj=document.getElementById('timer');
 obj.innerHTML--;
 if(obj.innerHTML==0){
setTimeout(function(){},1000);
document.getElementById("btn").innerHTML = window.atob('PGZvcm0gYWN0aW9uPSIiIG1ldGhvZD0icG9zdCI+PGlucHV0IG5hbWU9InRpbWUiIHR5cGU9ImhpZGRlbiIgdmFsdWU9IjE1NzA2MzQ1MTgiPjxpbnB1dCBuYW1lPSJhbnRpYm90IiB0eXBlPSJoaWRkZW4iIHZhbHVlPSIwNDk5YTM4N2M0NmI3ZWQyMjA1ODY1YWEzYjRhZjQwNiI+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0ic3VibWl0IiB2YWx1ZT0iQ2xpY2sgdG8gY29udGludWUiPjwvZm9ybT4=');
 else{setTimeout(timer,1000);}
setTimeout(timer,1000);
function LoadTest() {
if (window.atob("MTU3MDYzNDUxOA==") == '1570634518') {
var script = document.createElement('script');
script.src = "https://ipv4alt.antibot.cloud/content/cloud5.php?h1=595a6ce19d1326b51d7e73dba0faf7b3&h2=37d3ead0b33026f7922163ffb12ecf71&ip=173.254.233.139&via=&v=5.06&r=&rand=1570634518";
document.getElementsByTagName('head')[0].appendChild(script);
var script = document.createElement('script');
script.src = "https://ipv4main.antibot.cloud/content/cloud5.php?h1=595a6ce19d1326b51d7e73dba0faf7b3&h2=37d3ead0b33026f7922163ffb12ecf71&ip=173.254.233.139&via=&v=5.06&r=&rand=1570634518";
document.getElementsByTagName('head')[0].appendChild(script);
setTimeout(LoadTest, 3000);
</script>
  <table style="width:100%; height:100%; padding:20px;">
    <tr>
      <td style="vertical-align:middle; text-align:center;">
          <div class="cf-browser-verification cf-im-under-attack">
  <noscript><h1 style="color:#bd2426;">Please turn JavaScript on and reload the page.</h1></noscript>
  <div id="cf-content">
    <div>
      <div class="bubbles"></div>
      <div class="bubbles"></div>
      <div class="bubbles"></div>
    </div>
    <h1>Checking your browser before accessing 5.45.79.15.</h1>
    <p>This process is automatic. Your browser will redirect to your requested content shortly.</p>
    <p id="btn">Please allow up to <span style="color:red; font-weight:bold;" id="timer">3</span> seconds...</p>
  </div>
</div>
<div class="attribution">
<p><a href="https://antibot.cloud/" target="_blank" style="font-size:12px;">Bad Bot protection by AntiBot.Cloud</a></p>
<p><small>Your IP: 173.254.233.139<br />
<span id="response_code" style="color:red;"></span></small></p>
          </div>
      </td>
    </tr>
  </table>
<span style="text-align:center;">
</span>
</body>
</html>
<!-- Time: 0.09117 Sec. -->