| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0, ASN: #20940 Akamai International B.V.
Hash: 722b54139ecda6f9a52afbc6bb4affc0 5b6aa33d2346081ba80b762fa828436187ff9675 34c785ded009e264c1e65d51f0c18f9967badf244a2e279a8521945ed1338fed
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "34C785DED009E264C1E65D51F0C18F9967BADF244A2E279A8521945ED1338FED"
Last-Modified: Sat, 21 Sep 2024 05:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9289
Expires: Sat, 21 Sep 2024 23:44:22 GMT
Date: Sat, 21 Sep 2024 21:09:33 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0, ASN: #20940 Akamai International B.V.
Hash: d53da2de4fc4634a067495f858d15c81 be0d08371e49c3ff6bb6eb6760b0142bb5e49181 a4dfb633c3d6c80962fe436220800f7f6fac707a55806bfc1757d4fa49af8cdc
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A4DFB633C3D6C80962FE436220800F7F6FAC707A55806BFC1757D4FA49AF8CDC"
Last-Modified: Fri, 20 Sep 2024 21:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3062
Expires: Sat, 21 Sep 2024 22:00:35 GMT
Date: Sat, 21 Sep 2024 21:09:33 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0, ASN: #20940 Akamai International B.V.
Hash: 08db25cf3421682cbd8c3163633dfdf0 01c0bc5f954276ddeefaa7898a5a84ffe718f8e5 6332476d01025e7d9c09e01500552716bb5cc3a38d9db85d4d0c57aae7a529d4
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6332476D01025E7D9C09E01500552716BB5CC3A38D9DB85D4D0C57AAE7A529D4"
Last-Modified: Fri, 20 Sep 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2747
Expires: Sat, 21 Sep 2024 21:55:20 GMT
Date: Sat, 21 Sep 2024 21:09:33 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0, ASN: #20940 Akamai International B.V.
Hash: e8a790b0f3e0ce35d79c653b1c5f3eeb 57eed52d02a286b3a5a496ee0712ae4a223a875a e7a9dad00082d68d7bc93dece534965daf1d2b92d670b46298a3b836a35946f2
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E7A9DAD00082D68D7BC93DECE534965DAF1D2B92D670B46298A3B836A35946F2"
Last-Modified: Sat, 21 Sep 2024 15:06:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18316
Expires: Sun, 22 Sep 2024 02:14:49 GMT
Date: Sat, 21 Sep 2024 21:09:33 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0, ASN: #20940 Akamai International B.V.
Hash: b4393f2a35a372f999954fe790a4119b b049e9cb1f15e96e5dbfba16aa717737367e1b7f 5c715ab3c90fa8b6514b5e93dc1819e254049af58b9b57d73cf423981897e294
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C715AB3C90FA8B6514B5E93DC1819E254049AF58B9B57D73CF423981897E294"
Last-Modified: Fri, 20 Sep 2024 22:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Sun, 22 Sep 2024 03:09:21 GMT
Date: Sat, 21 Sep 2024 21:09:34 GMT
Connection: keep-alive
|
|
| ipva2024-detransp.com/data.php | 79.141.161.172 | 200 OK | 3.5 MB |
URL: User Request GET HTTP/1.1 ipva2024-detransp.com/data.php
IP: 79.141.161.172:443, ASN: #202015 HZ Hosting Ltd
Certificate: Issuer: Let's Encrypt, Subject: ipva2024-detransp.com, Fingerprint: 81:91:EA:E9:CB:6B:03:CA:9D:83:9C:E3:54:CF:87:32:D5:AE:12:57, Validity: Sat, 07 Sep 2024 07:28:19 GMT - Fri, 06 Dec 2024 07:28:18 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 3.5 MB (3523441 bytes)
Hash: f776838dd5c62ee7634fd54bc46107e9 965bbb1f4f118faf6ffe2f62aaae62250157b949 0d1ded60a8a013bc361355514dcbdb6c7f1194180a31e52c099979af5f8c350d
| Analyzer | Verdict | Alert |
| ThreatFox | malicious | FAKEUPDATES |
| Quad9 DNS | malicious | Sinkholed |
GET /data.php HTTP/1.1
Host: ipva2024-detransp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 21 Sep 2024 21:09:34 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: 41fa5215726c6fcc00080ad4fd963296 b4a425abfbd9dda21ccc1a053fe18793e2ff989b 538a694d67444839d38b38f534fd67d622457494630b97d887270d47eaa3f00f
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "538A694D67444839D38B38F534FD67D622457494630B97D887270D47EAA3F00F"
Last-Modified: Sat, 21 Sep 2024 12:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Sat, 21 Sep 2024 22:55:32 GMT
Date: Sat, 21 Sep 2024 21:09:35 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: 41fa5215726c6fcc00080ad4fd963296 b4a425abfbd9dda21ccc1a053fe18793e2ff989b 538a694d67444839d38b38f534fd67d622457494630b97d887270d47eaa3f00f
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "538A694D67444839D38B38F534FD67D622457494630B97D887270D47EAA3F00F"
Last-Modified: Sat, 21 Sep 2024 12:28:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Sat, 21 Sep 2024 22:55:32 GMT
Date: Sat, 21 Sep 2024 21:09:35 GMT
Connection: keep-alive
|
|
| ipva2024-detransp.com/favicon.ico | 79.141.161.172 | 404 Not Found | 284 B |
URL: GET HTTP/1.1 ipva2024-detransp.com/favicon.ico
IP: 79.141.161.172:443, ASN: #202015 HZ Hosting Ltd
Requested by: https://ipva2024-detransp.com/data.php
Certificate: Issuer: Let's Encrypt, Subject: ipva2024-detransp.com, Fingerprint: 81:91:EA:E9:CB:6B:03:CA:9D:83:9C:E3:54:CF:87:32:D5:AE:12:57, Validity: Sat, 07 Sep 2024 07:28:19 GMT - Fri, 06 Dec 2024 07:28:18 GMT
File type: HTML document, ASCII text
Hash: 842af7907d85cac8c0691f1339640b13 911cfd40236f08d058eff8ff5ea1cca83e81f44c 0ac342f737cb32fb8b3fe994428f64e03c380df65d38fe4554acd4e16f5845c2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ipva2024-detransp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ipva2024-detransp.com/data.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sat, 21 Sep 2024 21:09:36 GMT
Server: Apache/2.4.52 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|