URL: User Request GET HTTP/1.1
IP: 185.158.3.161:80
File type: HTML document, ASCII text
Hash: 0ecdd3e4dd80e74f0e0767c59beb3d7e b6acf6dd7cacd48e4ee7aabbcb3ecffe025dea5c 7849c77289d7205ea5d2fa6b5155785ece34eaba23c6e93210cd125105ea610a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 185.158.3.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 01 May 2024 21:35:45 GMT
content-type: text/html
transfer-encoding: chunked
last-modified: Thu, 06 Aug 2020 14:44:12 GMT
etag: W/"5c49e6c06cd61:0"
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;
content-encoding: gzip
| 185.158.3.161/Access%20forbidden!_files/app.js | 185.158.3.161 | 404 Not Found | 688 B |
URL: GET HTTP/1.1 185.158.3.161/Access%20forbidden!_files/app.js
IP: 185.158.3.161:80
File type: HTML document, ASCII text, with CRLF line terminators
Hash: 5343c1a8b203c162a3bf3870d9f50fd4 04b5b886c20d88b57eea6d8ff882624a4ac1e51d dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /Access%20forbidden!_files/app.js HTTP/1.1
Host: 185.158.3.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://185.158.3.161/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
server: nginx/1.14.0 (Ubuntu)
date: Wed, 01 May 2024 21:35:45 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
| 185.158.3.161/favicon.ico | 185.158.3.161 | 200 OK | 15 kB |
URL: GET HTTP/1.1 185.158.3.161/favicon.ico
IP: 185.158.3.161:80
File type: MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash: ba38425de10bd8d4951f80aa1cae120c 90280eaf4e29621233ae0ba621a2248767c6231c 1209bb5895805b4bef4896369c4e3e3dbb886ee400c6622f31a0071c27f4abb1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 185.158.3.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://185.158.3.161/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 01 May 2024 21:35:45 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Fri, 06 Jan 2023 19:37:54 GMT
accept-ranges: bytes
etag: "652a625f622d91:0"
x-content-type-options: nosniff
strict-transport-security: max-age=15768000; includeSubDomains; preload;