| www.testupdate.info/updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz | 185.22.66.16 | 502 Bad Gateway | 131 kB |
URL User Request GET HTTP/1.1www.testupdate.info/updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz IP185.22.66.16:80 ASN#48716 PS Internet Company LLP
File typeHTML document, ASCII text, with very long lines (64150) Size131 kB (130909 bytes) Hashbd466b1f3a87179af301ed5b91e13e8e 8bd624c7bb7f98e4eabdf1a8c57f07ead317dcd8 88f2ab5ef92fa7c4fbb6d8756fb0ed5c620fdb6e13974dc7187f18ffdb968326
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz HTTP/1.1
Host: www.testupdate.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 502 Bad Gateway
Server: openresty
Date: Tue, 07 May 2024 12:40:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
|
| fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 | 142.250.74.67 | 200 OK | 19 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 IP142.250.74.67:443
Requested byhttp://www.testupdate.info/updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 18668, version 1.0 Hash8655d20bbcc8cdbfab17b6be6cf55df3 90edbfa9a7dabb185487b4774076f82eb6412270 e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.testupdate.info
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:49:21 GMT
expires: Fri, 02 May 2025 01:49:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
age: 471072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
| www.testupdate.info/favicon.ico | 185.22.66.16 | 502 Bad Gateway | 131 kB |
URL GET HTTP/1.1www.testupdate.info/favicon.ico IP185.22.66.16:80 ASN#48716 PS Internet Company LLP
Requested byhttp://www.testupdate.info/updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz
File typeHTML document, ASCII text, with very long lines (64150) Size131 kB (130909 bytes) Hashbd466b1f3a87179af301ed5b91e13e8e 8bd624c7bb7f98e4eabdf1a8c57f07ead317dcd8 88f2ab5ef92fa7c4fbb6d8756fb0ed5c620fdb6e13974dc7187f18ffdb968326
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: www.testupdate.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.testupdate.info/updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 502 Bad Gateway
Server: openresty
Date: Tue, 07 May 2024 12:40:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
|
| fonts.googleapis.com/css?family=Open+Sans | 142.250.74.138 | 200 OK | 5.8 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans IP142.250.74.138:443
Requested byhttp://www.testupdate.info/updates/ya/wrtzr_ytab_a_1/win/version.txt?pPWqUplRJKjAVdugNvwFlzlDKcsxhmnLz CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typeASCII text, with very long lines (5866), with no line terminators Hash9a9a7fec0410c78b8c7601306b9fa182 7d736470060c2cbab18d2a59c043202c2d3dbaac 6a2126bd16491c04d2f664d8acb3a7ad24ec144e02bffd62db7254bee91567f0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.testupdate.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 12:40:32 GMT
date: Tue, 07 May 2024 12:40:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|