URL User Request GET HTTP/2IP20.82.9.214:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectsmartscreen.microsoft.com Fingerprint05:00:41:72:77:99:B8:8A:E0:88:2F:6F:35:36:1F:03:C2:89:77:D9 ValidityWed, 01 May 2024 02:42:22 GMT - Sat, 26 Apr 2025 02:42:22 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashe0d1a4a70b7864dd9ba22ff15341cfa0 32346cf022d83679b2f437eb9b02092168bafa8c a76004959bdd8402fe10509e667dd20ad3e7390f6e8097cc44ef935c908e0e36
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 20.82.9.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: Microsoft-Azure-Application-Gateway/v2
Date: Sat, 04 May 2024 16:01:37 GMT
Content-Type: text/html
Content-Length: 195
Connection: keep-alive
Location: https://20.82.9.214/
|
URL User Request GET HTTP/2IP20.82.9.214:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectsmartscreen.microsoft.com Fingerprint05:00:41:72:77:99:B8:8A:E0:88:2F:6F:35:36:1F:03:C2:89:77:D9 ValidityWed, 01 May 2024 02:42:22 GMT - Sat, 26 Apr 2025 02:42:22 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashc3da608da09706b361dcd3a3023b2474 85a06e1683a9dd5fd47efa7f249bdd7d51e65dc1 40c2149635ede9666f001c9d9135b0b4bf649986459e1c4c52e2c65e79f29d7d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 20.82.9.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 502 Bad Gateway
server: Microsoft-Azure-Application-Gateway/v2
date: Sat, 04 May 2024 16:01:38 GMT
content-type: text/html
content-length: 183
X-Firefox-Spdy: h2
|
IP20.82.9.214:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectsmartscreen.microsoft.com Fingerprint05:00:41:72:77:99:B8:8A:E0:88:2F:6F:35:36:1F:03:C2:89:77:D9 ValidityWed, 01 May 2024 02:42:22 GMT - Sat, 26 Apr 2025 02:42:22 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashc3da608da09706b361dcd3a3023b2474 85a06e1683a9dd5fd47efa7f249bdd7d51e65dc1 40c2149635ede9666f001c9d9135b0b4bf649986459e1c4c52e2c65e79f29d7d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 20.82.9.214
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20.82.9.214/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 502 Bad Gateway
server: Microsoft-Azure-Application-Gateway/v2
date: Sat, 04 May 2024 16:01:38 GMT
content-type: text/html
content-length: 183
X-Firefox-Spdy: h2
|