| tapeadvertisement.com/favicon.ico | 104.21.34.152 | 200 OK | 11 kB |
URL: GET HTTP/3 tapeadvertisement.com/favicon.ico
IP: 104.21.34.152:443
Requested by: https://tapeadvertisement.com/get_video?dl=1&expires=1715254662&id=MjMLmyR7ZQu6Vx&ip=F0qUKRSTE19XKxR&token=8c1lFkqMRV__
Certificate Issuer: Let's Encrypt
Certificate Subject: tapeadvertisement.com
Certificate Fingerprint: 2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
Certificate Validity: Fri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT
File type: MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel
Hash: 1f1617bb9d33485e49af9fae638831f9 e245af39fd84866e07b7e177fa0ff6d25221252f 3fe1701b124953220bd71e61910006cb7c3ae36f6c8975075c842101d97cf513
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tapeadvertisement.com/get_video?dl=1&expires=1715254662&id=MjMLmyR7ZQu6Vx&ip=F0qUKRSTE19XKxR&token=8c1lFkqMRV__
Cookie: _b=kube11
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 16:11:37 GMT
content-type: image/x-icon
last-modified: Wed, 01 Apr 2020 13:49:44 GMT
etag: W/"5e849bf8-a2be"
cache-control: max-age=432000
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Akj%2Fh%2FqJpbLypfN%2FuHIFKn1EglQTG4lGeuiksqIr2%2FVeSkO4FozAOvn7SX%2F%2BSbaNq1gG5hSAMQ7LWlCHEIpr86OHF2ftpw9LgjNqo3mHQatAjJmiu3YstsGwi%2FVZGqqyTrsUxe03VCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880aba045b95b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
| tapeadvertisement.com/get_video?dl=1&expires=1715254662&id=MjMLmyR7ZQu6Vx&ip=F0qUKRSTE19XKxR&token=8c1lFkqMRV__ | 104.21.34.152 | 200 OK | 36 B |
URL: User Request GET HTTP/2 tapeadvertisement.com/get_video?dl=1&expires=1715254662&id=MjMLmyR7ZQu6Vx&ip=F0qUKRSTE19XKxR&token=8c1lFkqMRV__
IP: 104.21.34.152:443
Certificate Issuer: Let's Encrypt
Certificate Subject: tapeadvertisement.com
Certificate Fingerprint: 2E:C1:32:F0:D2:D2:D4:ED:F4:45:E6:15:FB:5F:E2:19:74:BB:3E:08
Certificate Validity: Fri, 22 Mar 2024 20:46:24 GMT - Thu, 20 Jun 2024 20:46:23 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 0d8f828f9e846a02df4e6cf5a0622e5a d473cd422526b001944da3168e26a0340458764d c0c98ff8fd16c87a23ab5651afede7d2adc82ed1362c4b6439c628af4a344e4c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /get_video?dl=1&expires=1715254662&id=MjMLmyR7ZQu6Vx&ip=F0qUKRSTE19XKxR&token=8c1lFkqMRV__ HTTP/1.1
Host: tapeadvertisement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 16:11:36 GMT
content-type: text/html; charset=UTF-8
cache-control: private
access-control-allow-origin: *
set-cookie: _b=kube11; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2uXQMAqLn8mXRqxCqqeltQMr%2F2AR%2B3JKdInEmtA5Y%2BEbkFTbJZFXlaMJ37USgLGy2rmv0mnPcoZnpUBgL%2FNNO0DRILT%2Bc36MUc3BpDJmVZQUi%2FDNGjieY50aaRQvEWUpzQC%2BTzJ8Q8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880aba022d40b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|