| 46.8.8.200/ | 46.8.8.200 | | 54 B |
IP: 46.8.8.200:0
File type: HTML document, ASCII text
Hash: b613ddfd4667f1fb655c1162766e5690 94fc0b1344d2e958a605a7f8fcd4b3a62acfbe8f 20c89d914dcef7f0028d72458bd32572ab1727d290d624902c6fa62832c29964
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 46.8.8.200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
Location: https://keznews.com
Date: Sun, 28 Apr 2024 04:16:09 GMT
Content-Length: 54
|
|
| keznews.com/ | 46.8.8.100 | | 59 B |
IP: 46.8.8.100:0
File type: HTML document, ASCII text
Hash: fc147d39794a704f411c366352938c4a cfc5b4d85218fc94ce9eeaab31d51b3170e93c03 3a1e5d4edc353b4338e69099893b7969c01b38bb98a424404819edc7820b4987
GET / HTTP/1.1
Host: keznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: http://ww82.keznews.com/
content-length: 59
date: Sun, 28 Apr 2024 04:16:15 GMT
X-Firefox-Spdy: h2
|
|
| ww82.keznews.com/ | 199.59.243.225 | | 1.1 kB |
IP: 199.59.243.225:0
File type: HTML document, ASCII text, with very long lines (318)
Hash: 24199659f0c9aaa32221df3544aae19d 258233c186625f777e6b0d1afe1b91445e255cd8 ec303b28ed1da2a6f6901d226e320dec865ff9c6b105c9ca93ae1945632a748d
GET / HTTP/1.1
Host: ww82.keznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 04:16:15 GMT
content-type: text/html; charset=utf-8
content-length: 1050
x-request-id: 20b552a6-1677-451d-8317-e76bcaab0c8c
cache-control: no-store, max-age=0
accept-ch: sec-ch-prefers-color-scheme
critical-ch: sec-ch-prefers-color-scheme
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_rkfQqHNSCCrmeergc5sBI/niiP7cGVNGJH6FG8531WBlso/MHUi5BcupMIVrk0EuvLehULhilz4EpO9ED8q0oA==
set-cookie: parking_session=20b552a6-1677-451d-8317-e76bcaab0c8c; expires=Sun, 28 Apr 2024 04:31:15 GMT; path=/
|
|
| ww82.keznews.com/bKlXxQMmp.js | 199.59.243.225 | | 34 kB |
URL: ww82.keznews.com/bKlXxQMmp.js
IP: 199.59.243.225:0
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (33788)
Hash: f48baec69cc4dc0852d118259eff2d56 e64c6e4423421da5b35700154810cb67160bc32b 463d99ca5448f815a05b2d946ddae9eed3e21c335c0f4cfe7a16944e3512f76c
GET /bKlXxQMmp.js HTTP/1.1
Host: ww82.keznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww82.keznews.com/
Cookie: parking_session=20b552a6-1677-451d-8317-e76bcaab0c8c
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Sun, 28 Apr 2024 04:16:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 33791
x-request-id: c75782cb-e88d-49f6-8b17-d73a8a911e04
set-cookie: parking_session=20b552a6-1677-451d-8317-e76bcaab0c8c; expires=Sun, 28 Apr 2024 04:31:15 GMT
|
|
| ww82.keznews.com/_fd | 199.59.243.225 | | 475 B |
IP: 199.59.243.225:0
File type: ASCII text, with very long lines (629), with no line terminators
Hash: 5805f8345f28d9b604e72d2d1422f933 eb2e12bf27b5cebc76f4cb5d8853eaf047e3ea94 681afecaf5d30726ca0a80a1acacc042ee64b3ea255244f25ffcc509f7e5ea55
POST /_fd HTTP/1.1
Host: ww82.keznews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.keznews.com/
Content-Type: application/json
Origin: http://ww82.keznews.com
DNT: 1
Connection: keep-alive
Cookie: parking_session=20b552a6-1677-451d-8317-e76bcaab0c8c
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/1.1 200 OK
server: openresty
date: Sun, 28 Apr 2024 04:16:15 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
content-length: 475
x-version: 2.118.0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: parking_session=20b552a6-1677-451d-8317-e76bcaab0c8c; expires=Sun, 28 Apr 2024 04:31:15 GMT; Max-Age=900; path=/; httponly
|
|
| www.google.com/adsense/domains/caf.js?abp=1&bodis=true | 142.250.74.164 | | 74 kB |
URL: www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP: 142.250.74.164:0
File type: JavaScript source, ASCII text, with very long lines (2247)
Hash: bfc09b767a27e2115d146f982cbc83a9 f635b6eeae945795f1b0b21fd7dcefe34d6b645b 15f3e65095a1044d6234d5e8a98a5af6930dfb767db01cf6a83c95212614f23c
GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ww82.keznews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sun, 28 Apr 2024 04:16:16 GMT
expires: Sun, 28 Apr 2024 04:16:16 GMT
cache-control: private, max-age=3600
etag: "1102034074983157973"
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| iyfbodn.com/?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue | 208.91.196.46 | 403 Forbidden | 300 B |
URL: User Request GET HTTP/1.1 iyfbodn.com/?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue
IP: 208.91.196.46:80
ASN: #40034 CONFLUENCE-NETWORK-INC
File type: HTML document, ASCII text, with CRLF line terminators
Hash: dfca6c9521a05229a88b57be32312d30 074cf063361923f7593e794848b9b7c6c2569069 c13dbafe6761fe525bd139e82e4839283525db1755569646b19947a61cfefb80
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww82.keznews.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 28 Apr 2024 04:16:16 GMT
Server: Apache
Content-Length: 300
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| iyfbodn.com/?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue | 208.91.196.46 | 403 Forbidden | 300 B |
URL: User Request GET HTTP/1.1 iyfbodn.com/?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue
IP: 208.91.196.46:80
ASN: #40034 CONFLUENCE-NETWORK-INC
File type: HTML document, ASCII text, with CRLF line terminators
Hash: dfca6c9521a05229a88b57be32312d30 074cf063361923f7593e794848b9b7c6c2569069 c13dbafe6761fe525bd139e82e4839283525db1755569646b19947a61cfefb80
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww82.keznews.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Sun, 28 Apr 2024 04:16:16 GMT
Server: Apache
Content-Length: 300
Keep-Alive: timeout=5, max=125
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| iyfbodn.com/favicon.ico | 208.91.196.46 | 404 Not Found | 10 B |
IP: 208.91.196.46:80
ASN: #40034 CONFLUENCE-NETWORK-INC
Requested by: http://iyfbodn.com/?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue
File type: ASCII text, with no line terminators
Hash: 6608dd3e21ca3beabd4bdfa625a0b221 e926d0f8694a4bc4013308afaca7af51e4c9fd9f c75eb01138771bfb2a5517aeae882356733782767c4560cc9601c34d2591ca75
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: iyfbodn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://iyfbodn.com/?dn=keznews.com&pid=9POT3387I&pbsubid=20b552a6-1677-451d-8317-e76bcaab0c8c&noads=http%3A%2F%2Fiyfbodn.com%2F%3Fdn%3Dkeznews.com%26skipskenzo%3Dtrue
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Sun, 28 Apr 2024 04:16:16 GMT
Server: Apache
Content-Length: 10
Keep-Alive: timeout=5, max=111
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|