URL: User Request GET HTTP/2
IP: 163.70.152.19:443
Certificate: Issuer: DigiCert Inc; Subject: *.facebook.com; Fingerprint: 8B:2F:EA:8C:DA:31:F2:58:FE:76:7C:4A:AB:3C:1F:0A:CD:0F:EF:D1; Validity: Fri, 26 Jan 2024 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 163.70.152.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Location: https://163.70.152.19/
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 18 Apr 2024 11:06:14 GMT
Connection: keep-alive
Content-Length: 0
URL: User Request GET HTTP/2
IP: 163.70.152.19:443
Certificate: Issuer: DigiCert Inc; Subject: *.facebook.com; Fingerprint: 8B:2F:EA:8C:DA:31:F2:58:FE:76:7C:4A:AB:3C:1F:0A:CD:0F:EF:D1; Validity: Fri, 26 Jan 2024 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hash: ac6ef2e5d224b851875b18cd4983b577 d00bb35dd01f4efe2072d6d45468c19d13fb20da f0dfefd6f17ff85387d82969c4234bbcec6a177dafef54d6756e274371a55b6a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 163.70.152.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
content-length: 2959
content-type: text/html; charset=utf-8
access-control-allow-origin: *
proxy-status: proxy_internal_response; e_fb_configversion="AcKjTmXHEJ2JCH5lzF9aUKg9k6X5DAQ9ubXTSHcO_Tz1dtC9c4E5KkDDT4tRQw"; e_isproxyerr="AcIjf8d3EfuhrqN-1WmAeyxWaVqtVOzBT1cWoslfj9lPGesN-9I1A3CBwJJ2HA"; e_clientaddr="AcLc2VP8Da_Wa718ci-N0yfGen3Ur_E1-UwnQDjVS3VaALCC046AnBiL3BXUclTs0HtBnJukC12cw6A"; e_fb_vipport="AcIppZMCuLwkraj5q-RaOL4H1nc3IhI4NOBUy07EkAOYG6RC3QElbm8Nf-eQ"; e_fb_vipaddr="AcLfth4619DmmwA1YdmvabtQicrHG_ACQSdkToLhTq-NLQtMn4PZmojso2YR68-XJuLo3VF-XQ"; e_fb_requestsequencenumber="AcKbqEyZRTwBLTgsAoA5AyWCzl5kHWc7Q3cEoHtba38tnVOfZc9DE3fQtg"; e_fb_hostheader="AcKDPjYCzM8lP8oPqC7P6jJkjPiHemDbPfZw_vTFetkTXIvROeNSljhoGzo9SGH23xbvbXMNZw"; e_fb_requesttime="AcLZpEEnrUDhRS-fKwfHE6HytRQY9jtKTmX8wjH9mEoZBJ9fUyMrrGh3hh7iqup5E93F8ui_VA"; e_fb_builduser="AcI3AcARwkO83F65WbQw9Va7HnLHPA0OVIDIHGxYtPOh28pb_wT5DpIPjvSbzp1y_lg"; e_fb_httpversion="AcKBhu52mPJF3BPu7IBIB57glsdQJdeNcv2ynq9tB9JVhajxFnxkdBBAwb1w"; e_fb_binaryversion="AcJAcpl5asiNNuGPo-hGkz1lV562lX0kg882LPK3kIFOysQBgjh5KMQU_JCqbdappw9wL2BQ0JSAnM-4_z0-zrM0CBQLZpTR4yg"; e_proxy="AcIdKT-sTLg9O60fvtlqZkeocl4A0RoyHg3eY_qm_7EZTrReHcf-YtY8nem4y1dWl_7bPbmTeJGYHf4"
date: Thu, 18 Apr 2024 11:06:16 GMT
X-Firefox-Spdy: h2
| 163.70.152.19/favicon.ico | 163.70.152.19 | 400 Bad Request | 3.0 kB |
URL: GET HTTP/2 163.70.152.19/favicon.ico
IP: 163.70.152.19:443
Certificate: Issuer: DigiCert Inc; Subject: *.facebook.com; Fingerprint: 8B:2F:EA:8C:DA:31:F2:58:FE:76:7C:4A:AB:3C:1F:0A:CD:0F:EF:D1; Validity: Fri, 26 Jan 2024 00:00:00 GMT - Thu, 25 Apr 2024 23:59:59 GMT
File type: HTML document, ASCII text
Hash: ac6ef2e5d224b851875b18cd4983b577 d00bb35dd01f4efe2072d6d45468c19d13fb20da f0dfefd6f17ff85387d82969c4234bbcec6a177dafef54d6756e274371a55b6a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 163.70.152.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://163.70.152.19/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 400 Bad Request
content-length: 2959
content-type: text/html; charset=utf-8
access-control-allow-origin: *
proxy-status: proxy_internal_response; e_fb_configversion="AcK3oYKpio6TygoUQObZjVagA5Wp344qeG8E3H2WPka6LVH4cmsF59Ec_-4yMQ"; e_isproxyerr="AcKmEyHIteLdPICk393uKpmxMUC9VmXqK1tR9aitirViyoRBR_EQ919hzOZjLQ"; e_clientaddr="AcLC9dGScJKEZHQ5LhygiIMRD-WNYMz6LwD2uIAOveEVMMYhu4sFD4PAtY4BjbAgauQxOI2u_S_0Fp8"; e_fb_vipport="AcL4kiDHxglSSj4NfeEuls8dTq4BoStood4MFsYChiMcPImGTFzOFJAziWop"; e_fb_vipaddr="AcJ04AQEP6xKTWic-Lk_VO4ZO08Cz0XefZH-J8UxkSrxY1J55mr1zuBErjrmBa_xylpEwV8Fwg"; e_fb_requestsequencenumber="AcJ_Q4xCIKuFz_rj2YMfyQrlYgv0SGVbl2GJX1vD2MpulI3VvpIFE4VnYQ"; e_fb_hostheader="AcIC0PdVsK5WwFxxLZOqOs2oDOz7Eo2aQOxdnV64-yiutFnwc0yG_8tjpOmofx8SOsaznCxbVg"; e_fb_requesttime="AcIeYK7cwXwjJQ8stzxLoWDNF7uXZvAz0r0Sk8LM4OiD22TSNNPoC0muYa4EZ1W0fhTHXoh9XQ"; e_fb_builduser="AcIA-hK2f42n9VJmJHUBdnMEke0bX-hbaK5L8onIrAcQc04FTNTl3xv8PJTxtU81gLA"; e_fb_httpversion="AcJqi2hiD9zFVVRjtGIgZFnkl-ouquhcctgOS_UqLRhH-UJrBhnMn2_gfah3"; e_fb_binaryversion="AcIzLqacnGr4vF9J2b8bXycL9s4puVkqeWkaQ0QMd-OG75Fls3aaxfejhhziRAIqzTNTugXBCSWVcrumVzDi2BJJ82MvRSEwnmY"; e_proxy="AcLWlAvPTG5hkaBw5htkSBW9A4LueQFsxmEhPVxLZqCshc-Iu63m92cYWhrywFb1P6j1dtURvTKtqng"
date: Thu, 18 Apr 2024 11:06:16 GMT
X-Firefox-Spdy: h2