IP: 216.58.207.193:0
File type: HTML document, ASCII text
Hash: 8d4995e674f3cd84150561d0a354ae66 55af4b95ff2aafc6fff8cb0abe85e91249b77ada 437fed9c7972d0fe92306bb9ed7a4225dbcdc0fdf540c96d9d42fe272e0b01d3
GET / HTTP/1.1
Host: aiu7g.blogspot.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://aiu7g.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Thu, 25 Apr 2024 02:24:12 GMT
expires: Thu, 25 Apr 2024 02:24:12 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 196
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

URL User Request GET HTTP/2
IP: 216.58.207.193:443
Certificate:
Issuer: Google Trust Services LLC
Subject: misc-sni.blogspot.com
Fingerprint: E8:F4:4F:CE:D1:E0:7B:C8:CD:18:45:AA:90:5A:35:8B:D5:CF:66:6B
Validity: Mon, 18 Mar 2024 20:01:08 GMT - Mon, 10 Jun 2024 20:01:07 GMT
File type: HTML document, ASCII text, with very long lines (7139)
Hash: 6f1216b8811ca806f76762f3a97697ab 4a72ca172a0ab5462aaea972aa687e71bff2919d 545b490041f6b0eaa69ee5ba5772a947d6922bfe04fd52d24a87585c6021a730
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: aiu7g.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 25 Apr 2024 02:24:12 GMT
date: Thu, 25 Apr 2024 02:24:12 GMT
cache-control: private, max-age=0
last-modified: Wed, 13 Mar 2024 01:32:00 GMT
etag: W/"ca976874269307a2a42237c1bf381f58f4f6d5c7c3c7352f4a087bc989e6453d"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 14975
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

IP: 162.255.119.48:0
File type: HTML document, ASCII text
Hash: 7cc909b879ce3d62c3ebdfe81f6932cf d4505fc1140ee6e758424b2d341a4148aa49b5da 65bea7527fbfa227ce2fe11023aa58bfa92798fe40aa0cbe5d253a7758d73dc0
Analyzer | Verdict | Alert
OpenPhish | phishing | Generic/Spear Phishing
GET / HTTP/1.1
Host: candymtch.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 25 Apr 2024 02:24:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 76
Connection: keep-alive
Location: https://sites.google.com/view/a4qm5dpkdtsbc2pysmu9nwf
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx