| concordiaclippers.com/landing/index | 104.21.11.163 | 301 Moved Permanently | 167 B |
URL User Request GET HTTP/2concordiaclippers.com/landing/index IP104.21.11.163:443
CertificateIssuerGoogle Trust Services LLC Subjectconcordiaclippers.com FingerprintF8:71:68:87:9B:94:E9:98:1F:C9:CD:67:F4:1C:67:5A:38:0F:A4:1E ValidityTue, 23 Apr 2024 10:41:52 GMT - Mon, 22 Jul 2024 10:41:51 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /landing/index HTTP/1.1
Host: concordiaclippers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 04 May 2024 22:59:46 GMT
content-type: text/html
content-length: 167
location: https://146.190.90.116/landing/index
cache-control: max-age=3600
expires: Sat, 04 May 2024 23:59:46 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h6Tz3ZVj8iTRxXqI724QXjx%2FWIYKaBaSfjU4teE5wlDwDIWF2TjhLN2LnchzV1DzsHPKwh4a5XeHl7TdPB8SvcMOx5LmZY8xSbISvwW8HOJrWczA5Af5o39BQXvdY3foe5eMRDbgsn4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ec1a689d3e56a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 146.190.90.116/landing/index | 146.190.90.116 | 301 Moved Permanently | 162 B |
URL User Request GET HTTP/2146.190.90.116/landing/index IP146.190.90.116:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerZeroSSL Subject146.190.90.116 Fingerprint16:C2:0E:E7:B3:A4:E5:B8:D3:A3:96:68:1A:4B:79:D0:FD:55:24:E6 ValidityWed, 10 Apr 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /landing/index HTTP/1.1
Host: 146.190.90.116
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 May 2024 22:59:47 GMT
content-type: text/html
content-length: 162
location: https://94.237.66.165/landing/index
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| 94.237.66.165/landing/index | 94.237.66.165 | 403 Forbidden | 166 B |
URL User Request GET HTTP/294.237.66.165/landing/index IP94.237.66.165:443
CertificateIssuerZeroSSL Subject94.237.66.165 Fingerprint22:BA:CE:10:B9:18:B2:CA:59:10:85:73:2F:84:13:94:DA:A7:90:4C ValidityWed, 10 Apr 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash3ea1c8d079b38532a6e01a96216ba5e2 598d3ff91d3e252f1e13df8cf0348b270ff2da3f 87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /landing/index HTTP/1.1
Host: 94.237.66.165
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: openresty
Date: Sat, 04 May 2024 22:59:49 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://94.237.66.165/landing/index
Strict-Transport-Security: max-age=31536000
|
|
| 94.237.66.165/landing/index | 94.237.66.165 | 403 Forbidden | 29 kB |
URL User Request GET HTTP/294.237.66.165/landing/index IP94.237.66.165:443
CertificateIssuerZeroSSL Subject94.237.66.165 Fingerprint22:BA:CE:10:B9:18:B2:CA:59:10:85:73:2F:84:13:94:DA:A7:90:4C ValidityWed, 10 Apr 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File typegzip compressed data, from Unix Hash43db160efcaba479687b57b946ef3754 a1e9e959c8d71ef2c0410cca97e71fce879065d9 fd4a97e1707b4a0c65b89886a1bae9e970957fee5385f36e61659317105c1a44
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /landing/index HTTP/1.1
Host: 94.237.66.165
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 403 Forbidden
server: openresty
date: Sat, 04 May 2024 22:59:49 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| 94.237.66.165/favicon.ico | 94.237.66.165 | 302 Found | 3.0 kB |
URL GET HTTP/294.237.66.165/favicon.ico IP94.237.66.165:443
Requested byhttps://94.237.66.165/landing/index CertificateIssuerZeroSSL Subject94.237.66.165 Fingerprint22:BA:CE:10:B9:18:B2:CA:59:10:85:73:2F:84:13:94:DA:A7:90:4C ValidityWed, 10 Apr 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 Hash34a13a262f7147841721d83b0a0fb7fc 3849e277c52f0dfebd1945619738d493ed8018eb 519aa013521ed87a4aee56640dcbec1c52119de2dde95856747783389c8a3655
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 94.237.66.165
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://94.237.66.165/landing/index
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sat, 04 May 2024 22:59:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: X_CACHE_KEY=7bb81a13af4462b20b9526924bc9a04b; path=/; Expires=Fri, 31-Dec-9999 23:59:59 GMT
link: <https://94.237.66.165/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://94.237.66.165/wp-content/uploads/2024/04/cropped-game-bai-doi-thuong-165-2-32x32.jpg
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| 94.237.66.165/wp-content/uploads/2024/04/cropped-game-bai-doi-thuong-165-2-32x32.jpg | 94.237.66.165 | 200 OK | 3.6 kB |
URL GET HTTP/294.237.66.165/wp-content/uploads/2024/04/cropped-game-bai-doi-thuong-165-2-32x32.jpg IP94.237.66.165:443
Requested byhttps://94.237.66.165/landing/index CertificateIssuerZeroSSL Subject94.237.66.165 Fingerprint22:BA:CE:10:B9:18:B2:CA:59:10:85:73:2F:84:13:94:DA:A7:90:4C ValidityWed, 10 Apr 2024 00:00:00 GMT - Tue, 09 Jul 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 32x32, components 3 Hash1067b4af653ace0d88df55b8c27d6cd7 a986a0658f5193dac7e0316ce8ba49962e5f0a0e 0a8f7b0c06f5dee69dfb647d8f2433293f9d550c24e0cbac5ac55695ed8ace06
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /wp-content/uploads/2024/04/cropped-game-bai-doi-thuong-165-2-32x32.jpg HTTP/1.1
Host: 94.237.66.165
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://94.237.66.165/landing/index
DNT: 1
Connection: keep-alive
Cookie: X_CACHE_KEY=7bb81a13af4462b20b9526924bc9a04b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Sat, 04 May 2024 22:59:50 GMT
content-type: image/jpeg
content-length: 3626
last-modified: Sun, 14 Apr 2024 15:35:20 GMT
etag: "661bf7b8-e2a"
expires: Mon, 03 Jun 2024 22:59:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
x-cache: MISS
X-Firefox-Spdy: h2
|
|