IP 45.56.79.23:0
ASN#63949 Akamai Connected Cloud
File typeHTML document, ASCII text Hash32060c324d687caae6bc169beb2863a3 da4a19bd2d336bd818df3246fe9f7cf8e18a2cbe 49c769b327c8c2c7e2d7e24d587e3128dd853d5196846230d94804ba805fa720
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 45.56.79.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Fri, 10 May 2024 15:08:59 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close
|
| 45.56.79.23/?gp=1&js=1&uuid=1715353739.0005309406&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 | 45.56.79.23 | 200 OK | 4 B |
URL User Request GET HTTP/1.145.56.79.23/?gp=1&js=1&uuid=1715353739.0005309406&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 IP45.56.79.23:80 ASN#63949 Akamai Connected Cloud
File typeASCII text, with no line terminators Hashffc58105bf6f8a91aba0fa2d99e6f106 ca02fe21eb58820de9bcc4d3162c2809d0e26ff9 b0efc797ea75795a4fc4d408463c70b8900e59baf58a91b6fa9761ec77e1681c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /?gp=1&js=1&uuid=1715353739.0005309406&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9 HTTP/1.1
Host: 45.56.79.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://45.56.79.23/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Fri, 10 May 2024 15:08:59 GMT
content-type: text/html; charset=utf-8
content-length: 4
vary: Accept-Language
content-language: en
connection: close
|
IP45.56.79.23:80 ASN#63949 Akamai Connected Cloud
Requested byhttp://45.56.79.23/?gp=1&js=1&uuid=1715353739.0005309406&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
File typeGIF image data, version 89a, 1 x 1 Hashad4b0f606e0f8465bc4c4c170b37e1a3 50b30fd5f87c85fe5cba2635cb83316ca71250d7 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 45.56.79.23
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.56.79.23/?gp=1&js=1&uuid=1715353739.0005309406&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLCovKjtxPTAuOCJ9
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Fri, 10 May 2024 15:09:00 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
connection: close
|