URL User Request GET HTTP/1.1IP18.172.242.52:80
File typeHTML document, ASCII text Hashfaa60c90dedb2304f2b89608e86980ec 33bb43e023a11d13ca6a8b9cfde3c8370d70c4ed a44610d09c7912f1bf291e52d40008885e0c201499749176168eddf4beb06dd1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 18.172.242.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Wed, 08 May 2024 04:38:43 GMT
Content-Type: text/html
Content-Length: 915
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 0ab878730f4869757e319be8e5f8e4a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BUD50-P1
X-Amz-Cf-Id: PDq5TIpb4FkYq_Po0nW3yXg30FavzH1l3b8tQxRe6jeXu1sBQImwCg==
|
| 18.172.242.52/favicon.ico | 18.172.242.52 | 403 Forbidden | 915 B |
URL GET HTTP/1.118.172.242.52/favicon.ico IP18.172.242.52:80
File typeHTML document, ASCII text Hash2130fe3acc58db1fdc5a0ab5b232aaa7 afc37a940554035487b169f88129bf11ee96e0da 593c8d37a9df4083e5b504e70b02aa36d464dc23c95f9b10ce2af1fcb72daa4a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 18.172.242.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://18.172.242.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: CloudFront
Date: Wed, 08 May 2024 04:38:44 GMT
Content-Type: text/html
Content-Length: 915
Connection: keep-alive
X-Cache: Error from cloudfront
Via: 1.1 0ab878730f4869757e319be8e5f8e4a8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BUD50-P1
X-Amz-Cf-Id: ZY8QTAfEyYECy4_2SvfdS0vSCwH9BFutveEwV83pkHUTGAwr-vVyfQ==
|