| | 170.64.175.16 | 200 OK | 11 kB |
URL User Request GET HTTP/1.1IP170.64.175.16:80 ASN#14061 DIGITALOCEAN-ASN
File typeHTML document, Unicode text, UTF-8 text, with CRLF line terminators Hashf61fe881aebd14488805045572e506a1 2f463ea9e66d5a3f4a8de2660ea913193089ca41 4f521f81ba7165d9a04d5f687ec024859551e930039d1906d167905f2b701a08
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 170.64.175.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 22:23:12 GMT
Content-Type: text/html
Last-Modified: Fri, 12 Apr 2024 09:22:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6618fd61-f06c"
Content-Encoding: gzip
|
|
| cdn.ampproject.org/v0/amp-carousel-0.1.mjs | 216.58.207.193 | 200 OK | 10 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-carousel-0.1.mjs IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (33361) Hash1c475333ad86aa3ff828dd8672cb38c2 201e834dc9bbe1fd98ceab751646c5b59b6cae68 72ca3b368dcf6efa96167bd739647957c50cabb81e7b13fcc5e620ddbdc9dfb5
GET /v0/amp-carousel-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://170.64.175.16
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 10085
date: Tue, 07 May 2024 22:23:13 GMT
expires: Tue, 07 May 2024 22:23:13 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "d09c750934eeb6e1"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-youtube-0.1.mjs | 216.58.207.193 | 200 OK | 10 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-youtube-0.1.mjs IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (31465) Hash338f773d5b22b91be82fcaffa1672317 f06c08885a5a2bc12328b738d627bbd6f389d6e2 c3abc5a9da59432e44f387f43796348b14e3af2819dc81129d6c4355a97241dd
GET /v0/amp-youtube-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://170.64.175.16
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 10330
date: Tue, 07 May 2024 22:23:13 GMT
expires: Tue, 07 May 2024 22:23:13 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "900fecbbb60706d0"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs | 216.58.207.193 | 200 OK | 2.4 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (6424) Hashfdb0b646cb3c94506df758143e752238 de59114e64326979b48685746b7ca6694e919173 6e4268c440ac490c2878275028d788d73643b4c9a8c379973f7c500618e966f5
GET /v0/amp-install-serviceworker-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://170.64.175.16
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2371
date: Tue, 07 May 2024 22:23:13 GMT
expires: Tue, 07 May 2024 22:23:13 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "5ac07e3b764cc0c8"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-accordion-0.1.mjs | 216.58.207.193 | 200 OK | 4.9 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-accordion-0.1.mjs IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (14003) Hash36a8ba42dd9d5155c36db809e345d377 7f6a1afd59c296d3b7f28091cb41ea16730c9e34 9ee4efb31ecb04a10d60daa45fb06341700fc93d84a793082525f57b19a4ffc2
GET /v0/amp-accordion-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://170.64.175.16
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 4860
date: Tue, 07 May 2024 22:23:13 GMT
expires: Tue, 07 May 2024 22:23:13 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "9f128eae6784bb01"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0.mjs | 216.58.207.193 | 200 OK | 64 kB |
URL GET HTTP/2cdn.ampproject.org/v0.mjs IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64648) Hash6d191203ef60710cac04b5f62cec68eb 81ae21d54e0403173ac0d0aca137e6cce61d8f17 0d4bbdab97e43b27341632a25fdf45e78602b68e4603f714d2b1c21d367eb840
GET /v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://170.64.175.16
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 63633
date: Tue, 07 May 2024 22:23:13 GMT
expires: Tue, 07 May 2024 22:23:13 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "f7ebac4fea03da2e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 170.64.175.16/logo.png | 170.64.175.16 | 200 OK | 4.7 kB |
IP170.64.175.16:80 ASN#14061 DIGITALOCEAN-ASN
File typePNG image data, 230 x 53, 8-bit/color RGBA, non-interlaced Hashe9923fcc38f32db5a17d7f0a04ddcec2 bcce6761cefe7f7df01c0542bfcccb525f57732c de3b0248bf28b849fda538e314fb483813864645b860e25eed2dffdac6754bd8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /logo.png HTTP/1.1
Host: 170.64.175.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 22:23:13 GMT
Content-Type: image/png
Content-Length: 4679
Last-Modified: Tue, 26 Mar 2024 09:53:02 GMT
Connection: keep-alive
ETag: "66029afe-1247"
Accept-Ranges: bytes
|
|
| 170.64.175.16/klik99-promotion.webp | 170.64.175.16 | 200 OK | 53 kB |
URL GET HTTP/1.1170.64.175.16/klik99-promotion.webp IP170.64.175.16:80 ASN#14061 DIGITALOCEAN-ASN
File typeRIFF (little-endian) data, Web/P image Hash14453b9c33608d8bdd907259014cf29d f7f22c3b74eb3248ac07589f692456e58a38f38f 077404a1cccdde93bdc57366f88ce1a815e1d1025914cc59e6bbbbad642ba46c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /klik99-promotion.webp HTTP/1.1
Host: 170.64.175.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 22:23:13 GMT
Content-Type: image/webp
Content-Length: 52756
Last-Modified: Mon, 08 Apr 2024 13:50:46 GMT
Connection: keep-alive
ETag: "6613f636-ce14"
Accept-Ranges: bytes
|
|
| cdn.ampproject.org/rtv/012404181825000/v0/amp-loader-0.1.mjs | 216.58.207.193 | 200 OK | 3.9 kB |
URL GET HTTP/2cdn.ampproject.org/rtv/012404181825000/v0/amp-loader-0.1.mjs IP216.58.207.193:443
CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (12245) Hash76c8ff0749479405c16003591bb45a2c 61f43db436fae1f08069464c4039f7c6b478a7fb 1ab2942e015a02e74d7d72f90bf1a07b1b361cf52f704df2ff7b66611b913fd4
GET /rtv/012404181825000/v0/amp-loader-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://170.64.175.16
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 3928
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:15:25 GMT
expires: Fri, 02 May 2025 02:15:25 GMT
cache-control: public, max-age=31536000
etag: "65bda207504b08af"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 504469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 170.64.175.16/favicon.ico | 170.64.175.16 | 200 OK | 4.4 kB |
URL GET HTTP/1.1170.64.175.16/favicon.ico IP170.64.175.16:80 ASN#14061 DIGITALOCEAN-ASN
File typeRIFF (little-endian) data, Web/P image Hash1509600493ecb5e3e301ae20f000c496 3ab6b6a16c49d0b8de9168570d2c0937678fe707 7cf0a95602410af9ae8a94cc80457ade787b999924da30545279c4bf01b04026
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 170.64.175.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 22:23:14 GMT
Content-Type: image/x-icon
Content-Length: 4404
Last-Modified: Tue, 26 Mar 2024 09:52:48 GMT
Connection: keep-alive
ETag: "66029af0-1134"
Accept-Ranges: bytes
|
|
| 170.64.175.16/klik99.gif | 170.64.175.16 | 200 OK | 262 kB |
IP170.64.175.16:80 ASN#14061 DIGITALOCEAN-ASN
File typeGIF image data, version 89a, 720 x 89 Size262 kB (262128 bytes) Hash993d381a4293f9ed060b2e9f5f551d6f 867d16ca1faa6ef362dd60717220e45b2272fd80 16c27719f5f909383de2ae6bda64fff8f48654dc84ebf00aa2f170b01f262087
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /klik99.gif HTTP/1.1
Host: 170.64.175.16
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://170.64.175.16/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 22:23:14 GMT
Content-Type: image/gif
Content-Length: 262128
Last-Modified: Fri, 29 Mar 2024 09:29:50 GMT
Connection: keep-alive
ETag: "66068a0e-3fff0"
Accept-Ranges: bytes
|
|