URL: GET HTTP/1.1 (user request)
IP: 35.169.233.230:80
File type: HTML document, ASCII text, with very long lines (574), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 12a81651e1a3c581d0ffe4702956e683 / 675b478c3a0961cd4a6bd7b7277035d6f8bd5c03 / fc261edffb1a3671c9e109276291b6790a4a3cef1deac811563ccb6a7589078d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: 35.169.233.230
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: awselb/2.0
Date: Wed, 08 May 2024 06:07:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 574
Connection: keep-alive
Request: www.googletagmanager.com/gtag/js?id=UA-179022768-1 | IP: 142.250.74.168 | Status: 200 OK | Size: 75 kB
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-179022768-1
IP: 142.250.74.168:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hashes (MD5 / SHA-1 / SHA-256): fcd148aca006b3ce6a0c7da9b8131a57 / 67741690170bfd61ac0762c3d4aae9f4fd38c413 / 8564f6cfe86685c52578110c900c8f2767892a2c2e200e85ab71594461550a43
GET /gtag/js?id=UA-179022768-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://35.169.233.230/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:07:56 GMT
expires: Wed, 08 May 2024 06:07:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
Request: 35.169.233.230/favicon.ico | IP: 35.169.233.230 | Status: 200 OK | Size: 574 B
URL: GET HTTP/1.1 35.169.233.230/favicon.ico
IP: 35.169.233.230:80
File type: HTML document, ASCII text, with very long lines (574), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 12a81651e1a3c581d0ffe4702956e683 / 675b478c3a0961cd4a6bd7b7277035d6f8bd5c03 / fc261edffb1a3671c9e109276291b6790a4a3cef1deac811563ccb6a7589078d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: 35.169.233.230
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://35.169.233.230/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: awselb/2.0
Date: Wed, 08 May 2024 06:07:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 574
Connection: keep-alive
Request: www.googletagmanager.com/gtag/js?id=G-S2QK3JGNM7&l=dataLayer&cx=c | IP: 142.250.74.168 | Status: 200 OK | Size: 90 kB
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-S2QK3JGNM7&l=dataLayer&cx=c
IP: 142.250.74.168:443
Certificate: Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hashes (MD5 / SHA-1 / SHA-256): 1f8741b2a6f35e1958a1e44fc0927aed / 7c07f4f38cf09e597f328b0e8451a6a5d3efb58b / 3d9c21cf90cdc5d23939831fd7bd7b2fb48bc505709aec38942919121fbc922d
GET /gtag/js?id=G-S2QK3JGNM7&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://35.169.233.230/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:07:56 GMT
expires: Wed, 08 May 2024 06:07:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 90007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000