| links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0 | 35.238.129.105 | 200 OK | 62 kB |
URL User Request GET HTTP/1.1links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0 IP35.238.129.105:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerLet's Encrypt Subjectlinks.survivor-tech.com Fingerprint28:E3:0D:38:A4:BC:19:C1:F0:33:83:DD:4A:05:9B:8B:DF:EC:80:7C ValiditySat, 06 Apr 2024 08:29:03 GMT - Fri, 05 Jul 2024 08:29:02 GMT
File typeHTML document, ASCII text, with very long lines (59379) Hasheaea166ecbfa66b57752d6903410cd03 ecdac65f7b7ccaab3aec24f8f44f212429074eb0 c7482b372f799cd2d6af3916b85c124b516318016a574b10c54e4576b537055b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0 HTTP/1.1
Host: links.survivor-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
content-type: text/html; charset=utf-8
etag: W/"c7482b372f799cd2d6af3916b85c124b"
cache-control: max-age=0, private, must-revalidate
set-cookie: _session_id=7cc33319177d24fbb46dca57e98d6a45; path=/; expires=Tue, 23 Apr 2024 12:12:01 GMT; HttpOnly
x-request-id: 617e7250-c453-461a-8850-f34ba4e328c1
x-runtime: 0.028647
vary: Origin
content-length: 61860
|
| links.survivor-tech.com/assets/unsubscribe-c19cb9484abef96045fc257251ed12cad94ffd82474bd3d2fc9a3f7718052bcd.css | 35.238.129.105 | 200 OK | 581 B |
URL GET HTTP/1.1links.survivor-tech.com/assets/unsubscribe-c19cb9484abef96045fc257251ed12cad94ffd82474bd3d2fc9a3f7718052bcd.css IP35.238.129.105:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0 CertificateIssuerLet's Encrypt Subjectlinks.survivor-tech.com Fingerprint28:E3:0D:38:A4:BC:19:C1:F0:33:83:DD:4A:05:9B:8B:DF:EC:80:7C ValiditySat, 06 Apr 2024 08:29:03 GMT - Fri, 05 Jul 2024 08:29:02 GMT
File typeASCII text, with very long lines (1190) Hashbd33eeef8119ffffe68bea5ad5e83ae9 2f2d649971bcedf74714c0b66975c1399952dee1 c19cb9484abef96045fc257251ed12cad94ffd82474bd3d2fc9a3f7718052bcd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/unsubscribe-c19cb9484abef96045fc257251ed12cad94ffd82474bd3d2fc9a3f7718052bcd.css HTTP/1.1
Host: links.survivor-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0
DNT: 1
Connection: keep-alive
Cookie: _session_id=7cc33319177d24fbb46dca57e98d6a45
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
last-modified: Tue, 02 Apr 2024 06:52:57 GMT
content-type: text/css
content-encoding: gzip
vary: Accept-Encoding, Origin
content-length: 581
|
| links.survivor-tech.com/favicon.ico | 35.238.129.105 | 200 OK | 1.2 kB |
URL GET HTTP/1.1links.survivor-tech.com/favicon.ico IP35.238.129.105:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0 CertificateIssuerLet's Encrypt Subjectlinks.survivor-tech.com Fingerprint28:E3:0D:38:A4:BC:19:C1:F0:33:83:DD:4A:05:9B:8B:DF:EC:80:7C ValiditySat, 06 Apr 2024 08:29:03 GMT - Fri, 05 Jul 2024 08:29:02 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash074290f8f4110325f3b2186bccb8df2f f5d6ddae314f9b8fd8acdecca14317b5caeb722a 59b13fdf97e1a6e9ac3db3e30f64f0e49084719e6443f756b63716d44afa385c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: links.survivor-tech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0
DNT: 1
Connection: keep-alive
Cookie: _session_id=7cc33319177d24fbb46dca57e98d6a45
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx/1.22.1
date: Thu, 18 Apr 2024 12:12:02 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sat, 26 Aug 2023 17:19:08 GMT
etag: "64ea340c-47e"
accept-ranges: bytes
|
| fonts.googleapis.com/css?family=Telex | 142.250.74.106 | 200 OK | 724 B |
URL GET HTTP/2fonts.googleapis.com/css?family=Telex IP142.250.74.106:443
Requested byhttps://links.survivor-tech.com/a/1656/one_click_unsubscribe/1281/5277943/a9a388cda3beb097729364537d285ee31bc47ec0 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (740), with no line terminators Hashe9e5b7fe9be920449c3ef28c620be814 9c87709685fe94b3dcc4e576709ca70a23272d32 83fba9edadd1e9e0311f65d727e91cc3f826ed7269c37f1c33b3c94cff5e7c0c
GET /css?family=Telex HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://links.survivor-tech.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 12:12:02 GMT
date: Thu, 18 Apr 2024 12:12:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|