| URL | IP | Status | Size |
| 196.218.55.114/ | 196.218.55.114 | 200 OK | 8.9 kB |
IP: 196.218.55.114:0
File type: HTML document, ISO-8859 text, with very long lines (345), with CRLF line terminators
Hash (MD5): ab33a632ffffb32ce3c41234978e642f
Hash (SHA-1): ae9ec1340663dade97c95d51e7d2c8e9d22904a5
Hash (SHA-256): b7b18d963376487ecce911ae70b11d5e2c55e6c17d439746ca1de3843dfbc103
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
X-Powered-By: PHP/5.6.20
Set-Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
| www.lexiadz.com/banner1.gif | 172.67.182.14 | 301 Moved Permanently | 167 B |
URL: GET www.lexiadz.com/banner1.gif
IP: 172.67.182.14:0
Certificate issuer: Google Trust Services LLC
Certificate subject: lexiadz.com
Certificate fingerprint (SHA-1): B4:72:4E:0A:AC:33:D4:12:3B:0A:67:C6:E9:3F:E8:2A:E1:32:71:5A
Certificate validity: Wed, 03 Apr 2024 15:08:01 GMT - Tue, 02 Jul 2024 15:08:00 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hash (MD5): 0104c301c5e02bd6148b8703d19b3a73
Hash (SHA-1): 7436e0b4b1f8c222c38069890b75fa2baf9ca620
Hash (SHA-256): 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /banner1.gif HTTP/1.1
Host: www.lexiadz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 26 Apr 2024 20:44:02 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Apr 2024 21:44:02 GMT
Location: https://www.lexiadz.com/banner1.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71oUemldS6UgDh2HbV2kuM5N2hmiDtIfJSy5QpwH3COrgAbqxoq0HDq8aTlGEuqH%2F7VxEUDBwcoDaYsu0DI%2B3EaQC74rp5ktYCeoCHhB7R9sGj9akxb06vhnZn5m9JB6VtI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a968944cbb7131-OSL
alt-svc: h2=":443"; ma=60
| 196.218.55.114/et/etisalat_files/mobile_ar.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/mobile_ar.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/mobile_ar.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/personalBOR.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/personalBOR.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/personalBOR.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| img.neobux.com/imagens/banner9.gif | 104.18.160.121 | 200 OK | 5.0 kB |
URL: GET HTTP/2 img.neobux.com/imagens/banner9.gif
IP: 104.18.160.121:443
Certificate issuer: Google Trust Services LLC
Certificate subject: img.neobux.com
Certificate fingerprint (SHA-1): 59:20:C6:C8:80:0B:67:5D:F1:CB:03:A9:7B:3B:A1:B5:42:76:B9:3C
Certificate validity: Tue, 16 Apr 2024 02:39:05 GMT - Mon, 15 Jul 2024 03:37:00 GMT
File type: RIFF (little-endian) data, Web/P image
Hash (MD5): a77a5bdd2447326a0451042c90b02c59
Hash (SHA-1): 582352759a160fd7658b809898d291c937d98867
Hash (SHA-256): faefdaa702ff995c9ca4409e4e7305389cd6bf81220298b6cd0bade19c954aef
GET /imagens/banner9.gif HTTP/1.1
Host: img.neobux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 20:44:02 GMT
content-type: image/webp
content-length: 5024
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=10278
content-disposition: inline; filename="banner9.webp"
vary: Accept
etag: "4ecac1bad673d91:0"
last-modified: Thu, 20 Apr 2023 22:23:27 GMT
x-content-type-options: nosniff
x-powered-by: NeoBux
x-xss-protection: 1; mode=block
cf-cache-status: HIT
expires: Mon, 27 May 2024 20:44:02 GMT
cache-control: public, max-age=2678400
accept-ranges: bytes
server: cloudflare
cf-ray: 87a968947a56b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| 196.218.55.114/et/etisalat_files/frislogin.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/frislogin.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/frislogin.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/howviewadd.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/howviewadd.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/howviewadd.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/newlogin.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/newlogin.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/newlogin.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/logina.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/logina.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/logina.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/code.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/code.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/code.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/viewadd.jpg | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/viewadd.jpg
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/viewadd.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| trafficmonsoon.com/data/aptools/728x90.gif | 37.48.65.154 | 404 Not Found | 9 B |
URL: GET HTTP/2 trafficmonsoon.com/data/aptools/728x90.gif
IP: 37.48.65.154:443
ASN: #60781 LeaseWeb Netherlands B.V.
Certificate issuer: Let's Encrypt
Certificate subject: trafficmonsoon.com
Certificate fingerprint (SHA-1): 06:81:23:3C:B6:9A:44:9D:FF:68:E3:33:29:23:3C:21:BF:17:7A:9F
Certificate validity: Thu, 18 Apr 2024 10:32:18 GMT - Wed, 17 Jul 2024 10:32:17 GMT
File type: ASCII text, with no line terminators
Hash (MD5): d8f4a1993546cc4b850cde3599e27aec
Hash (SHA-1): 094b763b4cfcc0b05e5d040581cd513c3ca08067
Hash (SHA-256): 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /data/aptools/728x90.gif HTTP/1.1
Host: trafficmonsoon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Fri, 26 Apr 2024 20:44:02 GMT
server: Cowboy
set-cookie: sid=b75b718a-040d-11ef-bf0f-960c941fda27; path=/; domain=.trafficmonsoon.com; expires=Wed, 14 May 2092 23:58:09 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
| 196.218.55.114/favicon.ico | 196.218.55.114 | 404 Not Found | 1.2 kB |
URL: GET HTTP/1.1 196.218.55.114/favicon.ico
IP: 196.218.55.114:80
File type: XML 1.0 document, ASCII text, with CRLF line terminators
Hash (MD5): b6429d7c11fc98bab8aba6c5f8cb41b8
Hash (SHA-1): 533cf9498dfaf3e8560797b676ab63eec413bf21
Hash (SHA-256): 9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:41 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/businessback.jpg | 196.218.55.114 | 404 Not Found | 10 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/businessback.jpg
IP: 196.218.55.114:80
Hash (MD5): a6f2e0103b37de20619241340309b32d
Hash (SHA-1): 442bf5fa63af1594822e4a29ea119dc114779719
Hash (SHA-256): 4e43915c53a3cd3f36144f1d3990332a43c9da0c11b79ac842225413185ab898
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/businessback.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/logo_en.jpg | 196.218.55.114 | 404 Not Found | 10 kB |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/logo_en.jpg
IP: 196.218.55.114:80
Hash (MD5): 186ad6d2fd26904e389026683f530e1a
Hash (SHA-1): 4e06420a6e78897cf5141250be0a874e42925b84
Hash (SHA-256): 34732b528a7bd8d1163719bc4e2e0bd9db7e37b914abcbaa695a470e74b5514b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/logo_en.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| www.lexiadz.com/banner1.gif | 172.67.182.14 | 301 Moved Permanently | 11 kB |
URL: GET www.lexiadz.com/banner1.gif
IP: 172.67.182.14:0
Certificate issuer: Google Trust Services LLC
Certificate subject: lexiadz.com
Certificate fingerprint (SHA-1): B4:72:4E:0A:AC:33:D4:12:3B:0A:67:C6:E9:3F:E8:2A:E1:32:71:5A
Certificate validity: Wed, 03 Apr 2024 15:08:01 GMT - Tue, 02 Jul 2024 15:08:00 GMT
Hash (MD5): 082500c82efbd828ec5224c8ee45fdb2
Hash (SHA-1): 2d235454835f6356951e9142110938b708b0bf94
Hash (SHA-256): 252f041b3b55c10ce646867a25866b4293e17e7bedb4b9fc7d18dfd71be24400
GET /banner1.gif HTTP/1.1
Host: www.lexiadz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://196.218.55.114/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 20:44:02 GMT
content-type: text/html; charset=iso-8859-1
location: https://lexiadz.com/banner1.gif
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eFQUzRkrcENdsnRM1tMlEczLInz8fP9%2ByyS13ld2SPXf851JxX1z5bIRh9Pj233NpE2EDWIwCY78qiLpHlJlxj3MlQunbhOEEdSWkIO3BOZ8gegSKqfDOU6cuAIlmULiBi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a968948a52b503-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| 41.32.125.29/elmazr3a1/elmazr3a.php | 0.0.0.0 | | 0 B |
URL: GET 41.32.125.29/elmazr3a1/elmazr3a.php
IP: 0.0.0.0:0
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input; no response was recorded for this request.
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /elmazr3a1/elmazr3a.php HTTP/1.1
Host: 41.32.125.29
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
| 196.218.55.114/et/etisalat_files/ontop.jpg | 196.218.55.114 | 404 Not Found | 664 B |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/ontop.jpg
IP: 196.218.55.114:80
File type: XML document, ASCII text, with very long lines (728), with no line terminators
Hash (MD5): 6009d3003821befd18115365d19eab69
Hash (SHA-1): 9d20e667892bb7f7269b928c9bd11094f103a05a
Hash (SHA-256): 108f5ca11a83e160d71ab4efaf6620e6c0ebe617903694da052b6d87be853660
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/ontop.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| 196.218.55.114/et/etisalat_files/optyear_ar.jpg | 196.218.55.114 | 404 Not Found | 903 B |
URL: GET HTTP/1.1 196.218.55.114/et/etisalat_files/optyear_ar.jpg
IP: 196.218.55.114:80
File type: XML document, ASCII text, with very long lines (995), with no line terminators
Hash (MD5): 5734993765342563287f2225407f0fba
Hash (SHA-1): 610b35b29b972750258669539886df7e14f6e9c0
Hash (SHA-256): d2b4ad137824bd927518c04de53e5060074bce6cb5c0186c5a248a247a559dc3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /et/etisalat_files/optyear_ar.jpg HTTP/1.1
Host: 196.218.55.114
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 18:01:40 GMT
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
| lexiadz.com/banner1.gif | 0.0.0.0 | 301 Moved Permanently | 0 B |
IP: 0.0.0.0:0
Certificate issuer: Google Trust Services LLC
Certificate subject: lexiadz.com
Certificate fingerprint (SHA-1): B4:72:4E:0A:AC:33:D4:12:3B:0A:67:C6:E9:3F:E8:2A:E1:32:71:5A
Certificate validity: Wed, 03 Apr 2024 15:08:01 GMT - Tue, 02 Jul 2024 15:08:00 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input; no body was captured for the 301 response (0 B).
GET /banner1.gif HTTP/1.1
Host: lexiadz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://196.218.55.114/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Fri, 26 Apr 2024 20:44:08 GMT
content-type: text/html; charset=UTF-8
location: https://lexiadz.com/blog/
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FVtuth%2F8B9NY2i2DWqVTRGFwqKGIAKYWKoMNQ%2BNZfhU3%2FZMKLJzkMEyrY1AuocJ2PPh99fEuvCfrR5S0CyrwJpkBFDrT8SHqLcIudx8aSjzACrX8SRH%2BGqO2k13hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a96895587ab521-OSL
alt-svc: h3=":443"; ma=86400
| hitleap.com/assets/banner-241ef1f2c690b6812aeeff6c0fb91f39ffc8a214c0b2c6c11d8a96f7c98b8fab.png | 0.0.0.0 | | 0 B |
URL: GET hitleap.com/assets/banner-241ef1f2c690b6812aeeff6c0fb91f39ffc8a214c0b2c6c11d8a96f7c98b8fab.png
IP: 0.0.0.0:0
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input; no response was recorded for this request.
GET /assets/banner-241ef1f2c690b6812aeeff6c0fb91f39ffc8a214c0b2c6c11d8a96f7c98b8fab.png HTTP/1.1
Host: hitleap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
| www.littlebux.com/banners/banner1.png | 34.205.242.146 | 404 Not Found | 0 B |
URL: GET HTTP/1.0 www.littlebux.com/banners/banner1.png
IP: 34.205.242.146:80
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input; the 404 response carried no body (0 B).
GET /banners/banner1.png HTTP/1.1
Host: www.littlebux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 404 Not Found
cache-control: no-cache
content-type: text/html
x-reason: MediaRequest
| lexiadz.com/blog/ | 0.0.0.0 | 200 OK | 0 B |
IP: 0.0.0.0:0
Certificate issuer: Google Trust Services LLC
Certificate subject: lexiadz.com
Certificate fingerprint (SHA-1): B4:72:4E:0A:AC:33:D4:12:3B:0A:67:C6:E9:3F:E8:2A:E1:32:71:5A
Certificate validity: Wed, 03 Apr 2024 15:08:01 GMT - Tue, 02 Jul 2024 15:08:00 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input; no body was captured for the 200 response (0 B).
GET /blog/ HTTP/1.1
Host: lexiadz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://196.218.55.114/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 20:44:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
link: <https://lexiadz.com/wp-json/>; rel="https://api.w.org/", <https://lexiadz.com/wp-json/wp/v2/pages/16>; rel="alternate"; type="application/json", <https://lexiadz.com/?p=16>; rel=shortlink
x-frame-options: SAMEORIGIN
cache-control: max-age=3600
expires: Fri, 26 Apr 2024 21:44:08 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BnTd4BEsOuF0V8YbWjo3CEIKyn3cZfOxmKB12uTOw5ieUTT49qywOzfwWUOOXv4CEyR2NTvdhiXO%2FFxA0TYZ1ROABRfkd1Aae1YbRfFu25RjRVN4CwEdH0VYR6DNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a968b89fdbb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| static.ak.fbcdn.net/connect.php/js/FB.Share | 0.0.0.0 | | 0 B |
URL: GET static.ak.fbcdn.net/connect.php/js/FB.Share
IP: 0.0.0.0:0
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these are the digests of zero-length input; no response was recorded for this request.
GET /connect.php/js/FB.Share HTTP/1.1
Host: static.ak.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://196.218.55.114/
Pragma: no-cache
Cache-Control: no-cache
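Added example, not part of the sandbox report above and not the sandbox vendor's code: a small Python triage script for request/response header pairs in the form the report prints. It records the origin's version-disclosing banner, lists the protective attributes each Set-Cookie lacks, and enumerates every fetch to a host other than the landing page together with the Referer and Sec-Fetch-Site it carried. The sample capture is copied from four of the transactions above and shortened to the headers used; the layout it assumes (one blank line between transactions, the response beginning at the first line that starts with "HTTP/") is this example's own convention, not a documented export format.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample: header blocks copied (and shortened) from four transactions
# above. Blank line between transactions; the response begins at the first "HTTP/" line.
SAMPLE = """\
GET / HTTP/1.1
Host: 196.218.55.114
HTTP/1.1 200 OK
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20
X-Powered-By: PHP/5.6.20
Set-Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7; path=/

GET /et/etisalat_files/mobile_ar.jpg HTTP/1.1
Host: 196.218.55.114
Referer: http://196.218.55.114/
Cookie: PHPSESSID=9f27b94r23q2dq7e8lqsmgm7o7
HTTP/1.1 404 Not Found
Server: Apache/2.4.17 (Win32) OpenSSL/1.0.2d PHP/5.6.20

GET /imagens/banner9.gif HTTP/1.1
Host: img.neobux.com
Referer: http://196.218.55.114/
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: cloudflare

GET /data/aptools/728x90.gif HTTP/1.1
Host: trafficmonsoon.com
Referer: http://196.218.55.114/
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Cowboy
set-cookie: sid=b75b718a-040d-11ef-bf0f-960c941fda27; path=/; domain=.trafficmonsoon.com; expires=Wed, 14 May 2092 23:58:09 GMT; max-age=2147483647; secure; HttpOnly
"""


@dataclass
class Transaction:
    method: str
    path: str
    request: Dict[str, str]
    status: Optional[int] = None
    response: Dict[str, str] = field(default_factory=dict)

    @property
    def host(self) -> str:
        return self.request.get("host", "")


def _parse_headers(lines: List[str]) -> Dict[str, str]:
    """Lower-case names; repeated headers (several Set-Cookie) are newline-joined."""
    hdrs: Dict[str, str] = {}
    for line in lines:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        hdrs[name] = f"{hdrs[name]}\n{value}" if name in hdrs else value
    return hdrs


def parse_transaction(block: str) -> Transaction:
    lines = [l.rstrip("\r") for l in block.strip().splitlines() if l.strip()]
    method, path, _ = lines[0].split(" ", 2)
    split = next((i for i, l in enumerate(lines) if i and l.startswith("HTTP/")), len(lines))
    tx = Transaction(method, path, _parse_headers(lines[1:split]))
    if split < len(lines):  # a response was captured
        tx.status = int(lines[split].split(" ", 2)[1])
        tx.response = _parse_headers(lines[split + 1:])
    return tx


def parse_capture(text: str) -> List[Transaction]:
    return [parse_transaction(b) for b in re.split(r"\n\s*\n", text.strip()) if b.strip()]


def cookie_findings(tx: Transaction) -> Dict[str, List[str]]:
    """For each Set-Cookie in the response, the protective attributes it lacks."""
    findings: Dict[str, List[str]] = {}
    for cookie in filter(None, tx.response.get("set-cookie", "").split("\n")):
        name = cookie.split("=", 1)[0].strip()
        attrs = {a.strip().split("=", 1)[0].lower() for a in cookie.split(";")[1:]}
        findings[name] = [a for a in ("Secure", "HttpOnly", "SameSite") if a.lower() not in attrs]
    return findings


def server_banner(tx: Transaction) -> Dict[str, str]:
    """Version-disclosing headers from the origin, worth recording as a fingerprint."""
    return {k: tx.response[k] for k in ("server", "x-powered-by") if k in tx.response}


def third_party_fetches(txs: List[Transaction], landing_host: str) -> List[Tuple[str, str, str, str]]:
    """Requests to other hosts with the Referer and Sec-Fetch-Site they carried."""
    return [(tx.host, tx.path, tx.request.get("referer", ""), tx.request.get("sec-fetch-site", ""))
            for tx in txs if tx.host != landing_host]


if __name__ == "__main__":
    txs = parse_capture(SAMPLE)
    print("origin banner:", server_banner(txs[0]))
    print("cookie gaps:", {tx.host: cookie_findings(tx) for tx in txs if cookie_findings(tx)})
    print("third-party:", third_party_fetches(txs, "196.218.55.114"))
```

On the sample, the landing page's PHPSESSID cookie is reported without Secure, HttpOnly or SameSite, the trafficmonsoon cookie only without SameSite, and both third-party fetches carry `Referer: http://196.218.55.114/`, which is how the banner hosts learn which page embedded them.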
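A second added example, again not part of the report: triage of the hash lines. The report glues three digests onto the word "Hash"; by length they are MD5, SHA-1 and SHA-256, and the 0 B rows all carry the digests of zero-length input, so a hash there does not mean a file was served. The script below labels the digests, separates rows with no body (flagging those whose IP is 0.0.0.0, where no connection was recorded) from rows whose body is shared by several URLs (the one 404 page served for every missing /et/etisalat_files/ asset) and rows with a body of their own. The sample rows are copied from the table above; representing a row as a (URL, IP:port, metadata line) triple is this example's own assumption.

```python
import hashlib
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# Digests of zero-length input. A row carrying exactly these three means the captured
# body was empty: either the connection never completed (IP 0.0.0.0, no response
# headers) or the server answered with no body at all.
EMPTY_DIGESTS = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
}

# The report glues the three digests to the word "Hash"; digest length tells them apart.
HASH_RE = re.compile(r"Hash([0-9a-f]{32}) ([0-9a-f]{40}) ([0-9a-f]{64})$")

# Constructed sample: (URL, IP:port, metadata line) triples copied from rows above.
_404 = ("Hashb6429d7c11fc98bab8aba6c5f8cb41b8 533cf9498dfaf3e8560797b676ab63eec413bf21 "
        "9ac78ca3a72bccc19db2f1589b96a800b4f666d693985389f1537c1d7baa1ca0")
_EMPTY = ("Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 "
          "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")
SAMPLE_ROWS = [
    ("196.218.55.114/et/etisalat_files/mobile_ar.jpg", "196.218.55.114:80",
     "File typeXML 1.0 document, ASCII text, with CRLF line terminators " + _404),
    ("196.218.55.114/et/etisalat_files/code.jpg", "196.218.55.114:80", _404),
    ("196.218.55.114/favicon.ico", "196.218.55.114:80", _404),
    ("img.neobux.com/imagens/banner9.gif", "104.18.160.121:443",
     "Hasha77a5bdd2447326a0451042c90b02c59 582352759a160fd7658b809898d291c937d98867 "
     "faefdaa702ff995c9ca4409e4e7305389cd6bf81220298b6cd0bade19c954aef"),
    ("41.32.125.29/elmazr3a1/elmazr3a.php", "0.0.0.0:0", _EMPTY),
    ("www.littlebux.com/banners/banner1.png", "34.205.242.146:80", _EMPTY),
]


def parse_hash_line(line: str) -> Dict[str, str]:
    """Split a 'Hash<md5> <sha1> <sha256>' line into labelled digests."""
    m = HASH_RE.search(line.strip())
    if not m:
        raise ValueError(f"no MD5/SHA-1/SHA-256 triplet in: {line!r}")
    return dict(zip(("md5", "sha1", "sha256"), m.groups()))


def body_captured(digests: Dict[str, str]) -> bool:
    return digests != EMPTY_DIGESTS


def classify(rows: List[Tuple[str, str, str]]) -> Dict[str, object]:
    """Group rows into: no body (with a flag for 'no connection recorded'), bodies
    shared by several URLs (e.g. one error page served for every miss), and bodies
    unique to one URL, the latter two keyed by SHA-256."""
    no_body: List[Tuple[str, bool]] = []
    by_sha256: Dict[str, List[str]] = defaultdict(list)
    for url, ip, line in rows:
        digests = parse_hash_line(line)
        if not body_captured(digests):
            no_body.append((url, ip.startswith("0.0.0.0:")))
        else:
            by_sha256[digests["sha256"]].append(url)
    return {
        "no_body": no_body,
        "shared_body": {h: u for h, u in by_sha256.items() if len(u) > 1},
        "unique_body": {h: u[0] for h, u in by_sha256.items() if len(u) == 1},
    }


if __name__ == "__main__":
    result = classify(SAMPLE_ROWS)
    for url, no_conn in result["no_body"]:
        print(f"no body: {url} ({'connection not recorded' if no_conn else 'empty response'})")
    for sha, urls in result["shared_body"].items():
        print(f"shared body {sha[:12]}... served for {len(urls)} URLs: {', '.join(urls)}")
    for sha, url in result["unique_body"].items():
        print(f"unique body {sha[:12]}...: {url}")
```

Only the unique-body rows are candidates for file indicators; a SHA-256 shared by every missing asset identifies the server's error page, and the zero-length digests identify nothing at all.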