Report - gcare.live/

Report Overview

Submitted URL
gcare.live/
IP
193.233.202.124
ASN
#200019 Alexhost Srl
Submitted
2024-05-10 05:02:19
Access
public
Website Title
Support
Final URL
gcare.live/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gcare.live	unknown	2023-11-01	2021-04-13	2024-04-09	2.8 kB	55 kB	193.233.202.124
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-05-09	872 B	34 kB	104.18.10.207
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-09	850 B	64 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	gcare.live	Sinkholed
2024-05-10	medium	gcare.live	Sinkholed
2024-05-10	medium	gcare.live	Sinkholed
2024-05-10	medium	gcare.live	Sinkholed
2024-05-10	medium	gcare.live	Sinkholed
2024-05-10	medium	gcare.live	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	gcare.live/	0 B	2023-03-07	2024-05-20
Pretty URL gcare.live/ IP 193.233.202.124 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 18:50:07 Times Seen37887489 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-05-20 18:17:53 Times Seen23976 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-05-20
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 16:21:13 Times Seen12532 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	gcare.live/	0 B	2023-03-07	2024-05-20
Pretty URL gcare.live/ IP 193.233.202.124 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 18:50:07 Times Seen37887489 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-20 18:45:25 Times Seen145849 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

HTTP Transactions (10)

URL IP Response Size

gcare.live/

193.233.202.124

200 OK

2.6 kB

URL User Request GET HTTP/1.1
gcare.live/
IP
193.233.202.124:443
ASN
#200019 Alexhost Srl

Certificate
IssuerLet's Encrypt
Subjectgcare.live
Fingerprint28:16:14:F1:23:DC:7E:8B:92:F7:D3:94:18:EA:5C:64:1F:C8:75:DE
ValidityThu, 11 Apr 2024 08:22:25 GMT - Wed, 10 Jul 2024 08:22:24 GMT

File type
HTML document, ASCII text
Size
2.6 kB (2644 bytes)
Hash
d59e9ae0cea818b588f59bb6d12a3c78
679ca3404454725f5b4377324f1f2bae9897cb49
0702259b5efa3a9450df437fa7a673ab1a97bc742d5a10af43703a89eff0bef7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: gcare.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:01:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: PHPSESSID=q226vj0so1u55o0lnodvsiu9vh; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2644
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

104.18.10.207

200 OK

21 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gcare.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65369)
Size
21 kB (20806 bytes)
Hash
7f89537eaf606bff49f5cc1a7c24dbca
b0972fdcce82fd583d4c2ccc3f2e3df7404a19d0
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

HTTP Headers

GET /bootstrap/3.4.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 05:01:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7f89537eaf606bff49f5cc1a7c24dbca"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 01/04/2023 09:19:49
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1077
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7a8d1f92759b360c967b5fb361e39826
cdn-cache: HIT
cf-cache-status: HIT
age: 823453
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 88175fbd4d7b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.10

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://gcare.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:06:43 GMT
expires: Sat, 03 May 2025 10:06:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 586511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

104.18.10.207

200 OK

12 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gcare.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (39553)
Size
12 kB (11758 bytes)
Hash
2f34b630ffe30ba2ff2b91e3f3c322a1
b16fd8226bd6bfb08e568f1b1d0a21d60247cefb
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

HTTP Headers

GET /bootstrap/3.4.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 05:01:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 08/07/2023 07:43:09
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4ee37cfb4e854232a98222bcb496cfa9
cdn-cache: HIT
cf-cache-status: HIT
age: 819329
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 88175fbd4d7f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

142.250.74.10

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://gcare.live/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31100 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:09:53 GMT
expires: Sat, 03 May 2025 06:09:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 600721
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gcare.live/assets/login.png

193.233.202.124

200 OK

2.3 kB

URL GET HTTP/1.1
gcare.live/assets/login.png
IP
193.233.202.124:443
ASN
#200019 Alexhost Srl

Requested by
https://gcare.live/
Certificate
IssuerLet's Encrypt
Subjectgcare.live
Fingerprint28:16:14:F1:23:DC:7E:8B:92:F7:D3:94:18:EA:5C:64:1F:C8:75:DE
ValidityThu, 11 Apr 2024 08:22:25 GMT - Wed, 10 Jul 2024 08:22:24 GMT

File type
PNG image data, 50 x 17, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2262 bytes)
Hash
8784cc5e0aa91cd82b66264dff332196
2814aa8edbe5b18ace0548ebac04f992a48b5ad8
ff6b5f026f7c434334d8adb9c110f007264a8473ffeed391e6541e812d1c5223

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/login.png HTTP/1.1
Host: gcare.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Cookie: PHPSESSID=q226vj0so1u55o0lnodvsiu9vh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:01:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 12 Apr 2024 03:45:20 GMT
ETag: "8d6-615de19d18086"
Accept-Ranges: bytes
Content-Length: 2262
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

gcare.live/images/procesing2.gif

193.233.202.124

404 Not Found

273 B

URL GET HTTP/1.1
gcare.live/images/procesing2.gif
IP
193.233.202.124:443
ASN
#200019 Alexhost Srl

Requested by
https://gcare.live/
Certificate
IssuerLet's Encrypt
Subjectgcare.live
Fingerprint28:16:14:F1:23:DC:7E:8B:92:F7:D3:94:18:EA:5C:64:1F:C8:75:DE
ValidityThu, 11 Apr 2024 08:22:25 GMT - Wed, 10 Jul 2024 08:22:24 GMT

File type
HTML document, ASCII text
Size
273 B (273 bytes)
Hash
42d7b189d1d62fa2f000276b0eb3a267
726403a675aab62428d416cfdb283494538ac625
2880e1c408f9e58993fd7fd8d58b3609bae1d89f082a2d6c5587686b7dd85dbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/procesing2.gif HTTP/1.1
Host: gcare.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Cookie: PHPSESSID=q226vj0so1u55o0lnodvsiu9vh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 10 May 2024 05:01:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 273
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

gcare.live/images/arrow.png

193.233.202.124

200 OK

1.5 kB

URL GET HTTP/1.1
gcare.live/images/arrow.png
IP
193.233.202.124:443
ASN
#200019 Alexhost Srl

Requested by
https://gcare.live/
Certificate
IssuerLet's Encrypt
Subjectgcare.live
Fingerprint28:16:14:F1:23:DC:7E:8B:92:F7:D3:94:18:EA:5C:64:1F:C8:75:DE
ValidityThu, 11 Apr 2024 08:22:25 GMT - Wed, 10 Jul 2024 08:22:24 GMT

File type
PNG image data, 73 x 78, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1548 bytes)
Hash
b911c48124977a456fa0f8d4244c00c8
7b404d018c5a8c2e6e73463690b308daeed9822b
4f182b4853cb89dce9d89145a384b539180dd0b678f21487a5869be73d8fb49f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/arrow.png HTTP/1.1
Host: gcare.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Cookie: PHPSESSID=q226vj0so1u55o0lnodvsiu9vh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:01:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 12 Apr 2024 03:45:22 GMT
ETag: "60c-615de19ee7e70"
Accept-Ranges: bytes
Content-Length: 1548
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

gcare.live/administrator/uploads/banner_image/29352449.jpg

193.233.202.124

200 OK

47 kB

URL GET HTTP/1.1
gcare.live/administrator/uploads/banner_image/29352449.jpg
IP
193.233.202.124:443
ASN
#200019 Alexhost Srl

Requested by
https://gcare.live/
Certificate
IssuerLet's Encrypt
Subjectgcare.live
Fingerprint28:16:14:F1:23:DC:7E:8B:92:F7:D3:94:18:EA:5C:64:1F:C8:75:DE
ValidityThu, 11 Apr 2024 08:22:25 GMT - Wed, 10 Jul 2024 08:22:24 GMT

File type
PNG image data, 2600 x 1900, 8-bit grayscale, non-interlaced
Size
47 kB (46565 bytes)
Hash
25bc19ea1c45106556723eb2a34a8c27
fbf21a7a4ebf4d833aab113a274b2765f514a017
3f53d3c4efa7df3bbb3466c3fa091f3dd99b040443098c477a1a939944b5ad4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /administrator/uploads/banner_image/29352449.jpg HTTP/1.1
Host: gcare.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Cookie: PHPSESSID=q226vj0so1u55o0lnodvsiu9vh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 05:01:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 12 Apr 2024 03:45:20 GMT
ETag: "b5e5-615de19d0c506"
Accept-Ranges: bytes
Content-Length: 46565
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

gcare.live/favicon.ico

193.233.202.124

404 Not Found

273 B

URL GET HTTP/1.1
gcare.live/favicon.ico
IP
193.233.202.124:443
ASN
#200019 Alexhost Srl

Requested by
https://gcare.live/
Certificate
IssuerLet's Encrypt
Subjectgcare.live
Fingerprint28:16:14:F1:23:DC:7E:8B:92:F7:D3:94:18:EA:5C:64:1F:C8:75:DE
ValidityThu, 11 Apr 2024 08:22:25 GMT - Wed, 10 Jul 2024 08:22:24 GMT

File type
HTML document, ASCII text
Size
273 B (273 bytes)
Hash
42d7b189d1d62fa2f000276b0eb3a267
726403a675aab62428d416cfdb283494538ac625
2880e1c408f9e58993fd7fd8d58b3609bae1d89f082a2d6c5587686b7dd85dbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gcare.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gcare.live/
Cookie: PHPSESSID=q226vj0so1u55o0lnodvsiu9vh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 10 May 2024 05:01:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 273
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers