| simonsautobody.com/blog/post/449/how-to-safely-tow-a-trailer | 107.180.119.249 | 302 Found | 236 B |
URL User Request GET HTTP/2simonsautobody.com/blog/post/449/how-to-safely-tow-a-trailer IP107.180.119.249:443 ASN#26496 AS-26496-GO-DADDY-COM-LLC
CertificateIssuerGoDaddy.com, Inc. Subjectsimonsautobody.com FingerprintD4:4A:29:6A:F8:07:A8:BD:81:DF:E0:5B:B2:19:B7:F9:58:DF:4A:F3 ValidityThu, 21 Sep 2023 16:16:06 GMT - Sat, 21 Sep 2024 15:55:03 GMT
File typeHTML document, ASCII text Hashab4ab5a7a9aca26f8d2c181452bdab18 65f2852d006521f783a9eba7f067139de4b2ee50 c9d0b10c047f2b79c60296257c7858cef3540b068e258e0496492bd12c51cb1d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /blog/post/449/how-to-safely-tow-a-trailer HTTP/1.1
Host: simonsautobody.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://simonsautobody.com/cgi-sys/suspendedpage.cgi
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Wed, 24 Apr 2024 14:11:10 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| simonsautobody.com/cgi-sys/suspendedpage.cgi | 107.180.119.249 | 200 OK | 3.8 kB |
URL User Request GET HTTP/2simonsautobody.com/cgi-sys/suspendedpage.cgi IP107.180.119.249:443 ASN#26496 AS-26496-GO-DADDY-COM-LLC
CertificateIssuerGoDaddy.com, Inc. Subjectsimonsautobody.com FingerprintD4:4A:29:6A:F8:07:A8:BD:81:DF:E0:5B:B2:19:B7:F9:58:DF:4A:F3 ValidityThu, 21 Sep 2023 16:16:06 GMT - Sat, 21 Sep 2024 15:55:03 GMT
File typeHTML document, ASCII text, with very long lines (4070) Hashb7de268b351cf198b917bbc8dae63966 b730d24278e91251e08b221a860da4fed26560ba 36a200a2f28c33331ef1b952eeebce8d6b57c81aed276cd1f0d3df0c6fbf05b6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: simonsautobody.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-length: 3819
content-type: text/html
date: Wed, 24 Apr 2024 14:11:10 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2 | 172.67.142.245 | 200 OK | 39 kB |
URL GET HTTP/2use.fontawesome.com/releases/v5.0.6/webfonts/fa-solid-900.woff2 IP172.67.142.245:443
Requested byhttps://simonsautobody.com/cgi-sys/suspendedpage.cgi CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 38784, version 1.0 Hashf9b85c9463af7103b9b24bbbf09a06ed d28d7222bcbeb8ea701a771e85f7efe006e62fb1 62554277d07b20c6bfae7c6267b3198b4846f604a37d4085bf9f54c392210b56
GET /releases/v5.0.6/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://simonsautobody.com
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:11:11 GMT
content-type: application/font-woff2
content-length: 38784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "f9b85c9463af7103b9b24bbbf09a06ed"
last-modified: Fri, 22 Sep 2023 01:44:10 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZ8MkUGynsTX2PsTB7Agc%2FyNysA1O9VEu%2FSPfBeLU7EvXD4VsygO1TzsvrReDXPpG0PQoO%2BUBdvOeA00i1hcyC0ZJlOi%2Fs0aDnnGlxwxpjU6NfyNbU9UbcBnNh6S2yl68H%2Fqlh%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796ae5c9eae56af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.0.6/css/all.css | 172.67.142.245 | 200 OK | 7.9 kB |
URL GET HTTP/2use.fontawesome.com/releases/v5.0.6/css/all.css IP172.67.142.245:443
Requested byhttps://simonsautobody.com/cgi-sys/suspendedpage.cgi CertificateIssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File typeASCII text, with very long lines (34556) Hash42eaa52604673b64d6b356c2fd7f87e3 6b59cb703b2d4a7a2691f13008062b46a6bc7fdb ed0f122470c4d13d86bbabdc38046d743d0228204a56d786d2e17bd83fd358ce
GET /releases/v5.0.6/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://simonsautobody.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:11:11 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"42eaa52604673b64d6b356c2fd7f87e3"
last-modified: Fri, 22 Sep 2023 01:44:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2448574
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RyIkQ7ZoWdX4jGMS%2FjP7x5A90Cz3e8q5hPSteY29hyXk7ClD1uzlbkrduRPXTjQfcTTLBdFe%2BdHfNOtdKexgdxpiHMA2AmETyI%2FjF8Q0GC6AtyrXa05V3WUmmukCMMlw5MpZ8rqX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796ae5c1b0256bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| simonsautobody.com/cgi-sys/suspendedpage.cgi | 107.180.119.249 | 200 OK | 3.8 kB |
URL User Request GET HTTP/2simonsautobody.com/cgi-sys/suspendedpage.cgi IP107.180.119.249:443 ASN#26496 AS-26496-GO-DADDY-COM-LLC
CertificateIssuerGoDaddy.com, Inc. Subjectsimonsautobody.com FingerprintD4:4A:29:6A:F8:07:A8:BD:81:DF:E0:5B:B2:19:B7:F9:58:DF:4A:F3 ValidityThu, 21 Sep 2023 16:16:06 GMT - Sat, 21 Sep 2024 15:55:03 GMT
File typeHTML document, ASCII text, with very long lines (4070) Hashb7de268b351cf198b917bbc8dae63966 b730d24278e91251e08b221a860da4fed26560ba 36a200a2f28c33331ef1b952eeebce8d6b57c81aed276cd1f0d3df0c6fbf05b6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: simonsautobody.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://simonsautobody.com/cgi-sys/suspendedpage.cgi
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-length: 3819
content-type: text/html
date: Wed, 24 Apr 2024 14:11:11 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| simonsautobody.com/favicon.ico | 107.180.119.249 | 302 Found | 7.6 kB |
URL GET HTTP/2simonsautobody.com/favicon.ico IP107.180.119.249:443 ASN#26496 AS-26496-GO-DADDY-COM-LLC
Requested byhttps://simonsautobody.com/cgi-sys/suspendedpage.cgi CertificateIssuerGoDaddy.com, Inc. Subjectsimonsautobody.com FingerprintD4:4A:29:6A:F8:07:A8:BD:81:DF:E0:5B:B2:19:B7:F9:58:DF:4A:F3 ValidityThu, 21 Sep 2023 16:16:06 GMT - Sat, 21 Sep 2024 15:55:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: simonsautobody.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://simonsautobody.com/cgi-sys/suspendedpage.cgi
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://simonsautobody.com/cgi-sys/suspendedpage.cgi
content-length: 236
content-type: text/html; charset=iso-8859-1
date: Wed, 24 Apr 2024 14:11:11 GMT
server: Apache
X-Firefox-Spdy: h2
|
|