URL User Request GET HTTP/1.1IP91.92.252.220:80
File typeASCII text, with very long lines (401), with CRLF line terminators Hash0142e9108a75211af349f25f86e6b9c4 37ed154588c254fb49e0e262c05824a66be20915 20b85f58c22ac8ce279d365b7cf8256dfb7c40fd28ce4c24c365ee02dc3796bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /123.txt HTTP/1.1
Host: 91.92.252.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 09:18:37 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Last-Modified: Sun, 31 Mar 2024 02:46:51 GMT
ETag: "f4a-614ebe2922d5a"
Accept-Ranges: bytes
Content-Length: 3914
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain
|
| 91.92.252.220/favicon.ico | 91.92.252.220 | 404 Not Found | 299 B |
URL GET HTTP/1.191.92.252.220/favicon.ico IP91.92.252.220:80
Requested byhttp://91.92.252.220/123.txt
File typeHTML document, ASCII text Hashf82625f454dc0e5cf14bef3b015f914a 3354fe3e72160c26765810fc038688346b313105 ecabfd892c00d32a95c3fcb8388832cf456d351e9b544ba24204dcd4076a7b0f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 91.92.252.220
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://91.92.252.220/123.txt
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 09:18:37 GMT
Server: Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Content-Length: 299
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|