Report - slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

Report Overview

Submitted URL
slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
IP
192.64.151.240
ASN
#399522 TP
Submitted
2023-06-03 03:56:42
Access
public
Website Title
Final URL
Tags
dyndns
urlquery detections
Suspicious - DynDNS domain

Detections

urlquery
15
Network Intrusion Detection
28
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-02	429 B	87 kB	142.250.74.40
computer.com	unknown	1994-08-11	2013-01-31	2023-06-02	1.4 kB	27 kB	192.64.151.249
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-06-02	972 B	2.2 MB	216.58.211.3
c.parkingcrew.net	70582	2011-01-24	2017-01-29	2023-06-02	333 B	1.0 kB	185.53.178.30
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-02	3.0 kB	6.3 kB	142.250.74.131
d38psrni17bvxu.cloudfront.net	unknown	2008-04-25	2022-09-22	2023-06-02	398 B	12 kB	54.230.245.138
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2023-06-02	969 B	2.2 kB	216.58.211.1
chatbox.computer.com	unknown	1994-08-11	2023-06-01	2023-06-01	4.5 kB	2.4 MB	192.64.151.249
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-03	476 B	92 kB	216.58.207.227
slypes.slyip.com	unknown	2001-02-15	2015-05-26	2023-06-03	6.1 kB	574 kB	192.64.151.240
www.google.com	7	1997-09-15	2015-05-10	2023-06-02	2.3 kB	113 kB	216.58.211.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-03 03:56:19	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:19	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:20	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:21	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:22	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:22	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:22	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain
2023-06-03 03:56:23	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.slyip.com Domain
2023-06-03 03:56:23	medium	Client IP	192.64.151.240	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	computer.com/js/script.js	1.3 kB	2023-03-07	2024-05-03
Pretty URL computer.com/js/script.js IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:51 Last Seen2024-05-03 18:35:49 Times Seen1584 Hash 8210a7fad4cf5a22ec34f49fd6cfa0a4 46cae8011201b868af95b9d91a76839a2ac51a18 ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	473 B	2023-06-01	2024-04-27
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 04:32:48 Last Seen2024-04-27 07:36:37 Times Seen81 Hash eaa7f79b1302e8655e76509cd09e0107 b0cbc56b1f0f9279b69c1bfbaf6bd863720bbd25 b5306fb2e433014af302242ec2248fc33b17ebe2bafac66734938eff5cd0bea5 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-06-01	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 20:59:00 Last Seen2023-06-07 14:48:02 Times Seen373 Hash ad339a3899f3639c08af311536e1338b c93f98908ab15448437fd453d993135c0723dfd8 ea9f3cca9585ab7907db23208c0955ba9b3a787a5baef2898a3873564ae4fb14 Loading...

	chatbox.computer.com/	0 B	2023-03-07	2024-05-04
Pretty URL chatbox.computer.com/ IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 13:08:26 Times Seen37336118 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	9 B	2023-06-01	2024-04-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-06-01 04:32:48 Last Seen2024-04-27 07:36:37 Times Seen81 Hash 1ac2e364ef4640e0d5df08d16d0b552e c67984c9dd98fe1e67397867d9df542b3c6916cf 37d9e745acf681d0c18936f65fa3c7b485b58e3f96e65c35e9195a25a2f389eb Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	968 B	2023-03-08	2024-05-04
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:24:08 Last Seen2024-05-04 12:33:05 Times Seen27860 Hash c77554570ae0fa8e4fb31747dc213058 e989fbde07e6a68975c7a31e1d4df76afd90b96f c3f831fe1717c6d76a8950ac5e7dc88ceee7440d079b11584be5c6c5b3269e77 Loading...

	chatbox.computer.com/flutter.js	15 kB	2023-05-16	2024-04-27
Pretty URL chatbox.computer.com/flutter.js IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 05:41:40 Last Seen2024-04-27 21:54:43 Times Seen2375 Hash 6b515e434cea20006b3ef1726d2c8894 65e782370bc35a4f5e37922f12debfae61eff946 ebef4683c7634467e3e792e993cd8e28d44940d4299dd8f3f8ce8ea3c1f20b67 Loading...

	c.parkingcrew.net/scripts/sale_form.js	761 B	2023-03-07	2024-05-04
Pretty URL c.parkingcrew.net/scripts/sale_form.js IP 185.53.178.30 ASN #19905 NEUSTAR-AS6 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:27 Last Seen2024-05-04 08:19:14 Times Seen10995 Hash 64f809e06446647e192fce8d1ec34e09 5b7ced07da42e205067afa88615317a277a4a82c f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3 Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	641 B	2023-06-03	2023-06-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 05:56:44 Last Seen2023-06-03 05:56:44 Times Seen1 Hash 71084bfcefe6b6ad735aeb5bc399d0ee a2df783c60fa8a7a5ea438d9dc8ca74855af7758 4f024e246c085adfb6d287bdf4e4393a7d2914c05c614ae1c28a836f24fc133d Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	246 B	2023-06-03	2023-06-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 05:56:44 Last Seen2023-06-03 05:56:44 Times Seen1 Hash 3d3c04696a721197c63d8e68a55cf9a6 7c25354d2e0c61ac62999fb285e493ec2aaaa972 d4505462f0fc0f8f0b86728eee9371b13f0220133482c0628ad51f7a551591f8 Loading...

	chatbox.computer.com/main.dart.js	2.3 MB	2023-06-01	2023-06-21
Pretty URL chatbox.computer.com/main.dart.js IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 04:32:48 Last Seen2023-06-21 18:17:43 Times Seen21 Hash 0701741fa2889197450b6e1ac5b1cd60 57b084a87d4ae4a38169e8f174abd9ace32d7b8f dff7ee81aaa264b5f9df1840da5eba740d8a6b01c30db9b3ddf04410a08a9135 Loading...

	www.google.com/adsense/domains/caf.js?abp=1	148 kB	2023-06-01	2023-06-07
Pretty URL www.google.com/adsense/domains/caf.js?abp=1 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 20:52:33 Last Seen2023-06-07 14:57:58 Times Seen638 Hash 5401e13d81da95d067dd121f898a4fe5 d019cd5aea5ff8ee3bc8e64bc94c2dd46911c527 d5472a121d9858b8889a3003195d55b8cbe142caa65c5a390da6adc1b84ab631 Loading...

	slypes.slyip.com/public/ajax/libs/jquery/3.7.0/jquery.min.js	88 kB	2023-05-12	2024-05-04
Pretty URL slypes.slyip.com/public/ajax/libs/jquery/3.7.0/jquery.min.js IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-12 23:07:48 Last Seen2024-05-04 11:22:36 Times Seen6589 Hash e6c2415c0ace414e5153670314ce99a9 5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6 d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Loading...

	chatbox.computer.com/	0 B	2023-03-07	2024-05-04
Pretty URL chatbox.computer.com/ IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 13:08:26 Times Seen37336118 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	7.0 kB	2023-03-13	2024-01-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:10:31 Last Seen2024-01-03 14:22:39 Times Seen25920 Hash 04b2b624f94797c26d17a57f399d9356 3143986e839c47a5c1eff03bd9df63ecc54dca9c 233b1cbfb295a0629bcf68a2a4198a62132f02ee1f061ada2ce7143bd5d2dabb Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	1.1 kB	2023-06-03	2023-06-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 05:56:44 Last Seen2023-06-03 05:56:44 Times Seen1 Hash 1ac49ed61b6f0ddaac2402e122ca2c6d 2b32d99051db9795c09dcc4ca8f1f94046c45d52 3bb33b7252639d0782b910e2e879605ed248522205c4ea936ae4c10a450b047f Loading...

	slypes.slyip.com/public/bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-05-04
Pretty URL slypes.slyip.com/public/bootstrap/3.3.7/js/bootstrap.min.js IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-04 13:03:02 Times Seen55209 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js	255 kB	2023-03-07	2024-05-04
Pretty URL slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:39:57 Last Seen2024-05-04 01:34:07 Times Seen3792 Hash 1e2047978946a1d271356d0b557a84a3 5f29a324c8affb1fdb26ad4564b1e044372beed2 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	20 B	2023-03-12	2024-01-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 13:00:05 Last Seen2024-01-03 14:22:39 Times Seen13851 Hash bb9472ed191ad69435d630c50e139a17 4efa10c70dbfe37ec4c8bb5a04b907c549de7e3d eec645c8d410f4d6accc5c4c3326bbff80fdd9d105e423ad50c5c87b22845492 Loading...

	slypes.slyip.com/public/npm/@rwap/jquery-ui-touch-punch@1.0.11/jquery.ui.touch-punch.min.js	2.8 kB	2023-06-01	2024-04-27
Pretty URL slypes.slyip.com/public/npm/@rwap/jquery-ui-touch-punch@1.0.11/jquery.ui.touch-punch.min.js IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 04:32:48 Last Seen2024-04-27 07:36:38 Times Seen167 Hash d78ec54003324d4ee10cf2cf22fc7c7e b64b3d9c991384533dc97b6a88ff1d8bc179cbc4 ac47c332d3055f634a100a799ad11e559d5b23189dd79a9b800d18f1797d074c Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	65 B	2023-03-12	2023-12-22
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 13:54:46 Last Seen2023-12-22 08:54:59 Times Seen176 Hash 0c688c4e83950712221f558ff47cab2c ec121192f6c5f3156700e5cc8edf06893d671745 e62d3f0e8737eef57aee6ba8425adc59db65936946da164398ecd6bdc588c859 Loading...

	chatbox.computer.com/	0 B	2023-03-07	2024-05-04
Pretty URL chatbox.computer.com/ IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 13:08:26 Times Seen37336118 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	472 B	2023-03-13	2024-01-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 06:13:46 Last Seen2024-01-03 14:22:39 Times Seen25251 Hash d31eefc1e54bdae9204297e4ae5b9cce fc49bf319586a623670a81c01d43bbd93b477fbb 2683a6247a15433dd269eaefbc7131b1326c7bc0146361913ea10ad8fa23bb14 Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	669 B	2023-06-03	2023-06-03
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 05:56:44 Last Seen2023-06-03 05:56:44 Times Seen1 Hash 9c7db9ce0dbc3ca1cbd4afe59073d2b8 e7686873c36f5f75db6974747e3561bcf1ab1e31 fe93bc0f9285b38a63300a1294778c9380624c49dc03ad5e1d2f4b9ff389e913 Loading...

	www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530	7.1 kB	2023-06-03	2023-06-03
Pretty URL www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530 IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-03 05:56:44 Last Seen2023-06-03 05:56:44 Times Seen1 Hash ccec8999f08dc56cfafbc12cc53e19b5 69ad6becfcd0167bf75790c065ea911f4ab36a91 aa637ab660b6e929400366587ed04703f204391ef3c6a79cc3b2d7c33333e210 Loading...

	chatbox.computer.com/	0 B	2023-03-07	2024-05-04
Pretty URL chatbox.computer.com/ IP 192.64.151.249 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 13:08:26 Times Seen37336118 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-V90D3SRJGW	253 kB	2023-06-03	2023-06-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-V90D3SRJGW IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-03 05:56:44 Last Seen2023-06-03 05:56:45 Times Seen2 Hash c1b5b3fd676cde5c6bcaef9492a84c48 0fc7d9c40bb5d4fca27c0b4e34fd40730fb30da8 ff686540621c84c21048e8d3c61f9b4c829e6143b691d49c8342cd4b35c39ea3 Loading...

	slypes.slyip.com/public/ajax/libs/eModal/1.2.69/eModal.min.js	6.1 kB	2023-03-14	2024-04-27
Pretty URL slypes.slyip.com/public/ajax/libs/eModal/1.2.69/eModal.min.js IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 04:32:38 Last Seen2024-04-27 07:36:38 Times Seen164 Hash 12dc1e020fcb41cea5346e7da0c6d1d9 526ecaabf13a9db6372fb32dd4e8b242be390902 2048951eab7e2fef25c5ff1a027565df6276127847e3940d3687b1491d4236d7 Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	40 B	2023-04-18	2023-06-27
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-18 09:10:37 Last Seen2023-06-27 14:44:07 Times Seen10821 Hash bcdb5f35f5da29644017c63a72a72921 5bd1c81154b546c01c88b02fdb29b687f0c9cef3 a71d2bc0274b66fc2cb2c8daf1bf8b8a6a4cbfd5bd1e30574e9abb61aa9c3983 Loading...

	slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/	71 B	2023-03-08	2024-01-04
Pretty URL slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ IP 192.64.151.240 ASN #399522 TP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:23:53 Last Seen2024-01-04 08:38:22 Times Seen25410 Hash 1a5a5e1b6a26f57b95e3dd42f60612f4 b62a27e55a59b49084e682bd3c1588f6a40881ab 4066da16910907c7962da8e7011bf0cd62b6f2dcddb1911e3ea2de03ce3e1dc7 Loading...

	www.gstatic.com/flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.js	96 kB	2023-05-16	2024-04-27
Pretty URL www.gstatic.com/flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 05:41:40 Last Seen2024-04-27 07:36:38 Times Seen2113 Hash 76f7d822f42397160c5dfc69cbc9b2de a7739ae575812316ab0924225becfa3941f5b3da 86c5d12e43e93359933fbe2f8575d2bfd1ee595aa581b6111943de2d77975e31 Loading...

HTTP Transactions (47)

URL IP Response Size

slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

192.64.151.240

8.0 kB

URL User Request GET
slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
IP
192.64.151.240:0
ASN
#399522 TP

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1155)
Size
8.0 kB (8022 bytes)
Hash
268c9d967e26f185408da094755a9322
8547645a8139a261c57897910ac7103f1bc315cb
b2a9fea9f18207a201f6e82b1bb261cc63f3d3c66e3264b7607d0ed2ddeb21f3

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/ HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_noDIUay9ELcz8R4zOJUR9bi0w+yFxf4d6pXgg51FEj7Jq8TZ8xV9IumTVCHWzjmqyue1buVd4ZmeYowLkWJlUA==
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: slyip.com
X-Subdomain: www1
Content-Encoding: gzip

www.google.com/adsense/domains/caf.js?abp=1

216.58.211.4

200 OK

54 kB

URL GET HTTP/1.1
www.google.com/adsense/domains/caf.js?abp=1
IP
216.58.211.4:80
ASN
#15169 GOOGLE

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text, with very long lines (2125)
Size
54 kB (53985 bytes)
Hash
5401e13d81da95d067dd121f898a4fe5
d019cd5aea5ff8ee3bc8e64bc94c2dd46911c527
d5472a121d9858b8889a3003195d55b8cbe142caa65c5a390da6adc1b84ab631

HTTP Headers

GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Sat, 03 Jun 2023 03:56:21 GMT
Expires: Sat, 03 Jun 2023 03:56:21 GMT
Cache-Control: private, max-age=3600
ETag: "7507535832772147841"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

c.parkingcrew.net/scripts/sale_form.js

185.53.178.30

200 OK

761 B

URL GET HTTP/1.1
c.parkingcrew.net/scripts/sale_form.js
IP
185.53.178.30:80
ASN
#19905 NEUSTAR-AS6

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text
Size
761 B (761 bytes)
Hash
64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

HTTP Headers

GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes

slypes.slyip.com/public/npm/@rwap/jquery-ui-touch-punch@1.0.11/jquery.ui.touch-punch.min.js

192.64.151.240

200 OK

2.8 kB

URL GET HTTP/1.1
slypes.slyip.com/public/npm/@rwap/jquery-ui-touch-punch@1.0.11/jquery.ui.touch-punch.min.js
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
Unicode text, UTF-8 text, with very long lines (1897)
Size
2.8 kB (2781 bytes)
Hash
d78ec54003324d4ee10cf2cf22fc7c7e
b64b3d9c991384533dc97b6a88ff1d8bc179cbc4
ac47c332d3055f634a100a799ad11e559d5b23189dd79a9b800d18f1797d074c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/npm/@rwap/jquery-ui-touch-punch@1.0.11/jquery.ui.touch-punch.min.js HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: application/javascript
Content-Length: 2781
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 09:14:47 GMT
ETag: "64707887-add"
Accept-Ranges: bytes

slypes.slyip.com/public/ajax/libs/eModal/1.2.69/eModal.min.js

192.64.151.240

200 OK

6.1 kB

URL GET HTTP/1.1
slypes.slyip.com/public/ajax/libs/eModal/1.2.69/eModal.min.js
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text, with very long lines (6145), with no line terminators
Size
6.1 kB (6145 bytes)
Hash
12dc1e020fcb41cea5346e7da0c6d1d9
526ecaabf13a9db6372fb32dd4e8b242be390902
2048951eab7e2fef25c5ff1a027565df6276127847e3940d3687b1491d4236d7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/ajax/libs/eModal/1.2.69/eModal.min.js HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: application/javascript
Content-Length: 6145
Connection: keep-alive
Last-Modified: Mon, 04 May 2020 16:09:34 GMT
ETag: "5eb03e3e-1801"
Accept-Ranges: bytes

slypes.slyip.com/public/bootstrap/3.3.7/css/bootstrap.min.css

192.64.151.240

200 OK

121 kB

URL GET HTTP/1.1
slypes.slyip.com/public/bootstrap/3.3.7/css/bootstrap.min.css
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text, with very long lines (65371)
Size
121 kB (121200 bytes)
Hash
ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: text/css
Content-Length: 121200
Connection: keep-alive
Last-Modified: Mon, 25 Jan 2021 22:03:59 GMT
ETag: "600f404f-1d970"
Accept-Ranges: bytes

slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css

192.64.151.240

200 OK

31 kB

URL GET HTTP/1.1
slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text, with very long lines (29189)
Size
31 kB (30778 bytes)
Hash
938109d2b5f9778c8d9eec5884ed0a64
7f6c4397d33a9a268d80e26b9336c7d6a35c99ab
54dc71796bfbf1f069559ddc33c2e8992efec541f621797a849d442a69822696

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: text/css
Content-Length: 30778
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 20:40:53 GMT
ETag: "62e445d5-783a"
Accept-Ranges: bytes

slypes.slyip.com/public/ajax/libs/jquery/3.7.0/jquery.min.js

192.64.151.240

200 OK

88 kB

URL GET HTTP/1.1
slypes.slyip.com/public/ajax/libs/jquery/3.7.0/jquery.min.js
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text, with very long lines (65447)
Size
88 kB (87462 bytes)
Hash
e6c2415c0ace414e5153670314ce99a9
5a9eeac34d86e92e5660e0f4f87204f1ed0c8ff6
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/ajax/libs/jquery/3.7.0/jquery.min.js HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: application/javascript
Content-Length: 87462
Connection: keep-alive
Last-Modified: Fri, 12 May 2023 02:05:12 GMT
ETag: "645d9ed8-155a6"
Accept-Ranges: bytes

slypes.slyip.com/public/bootstrap/3.3.7/js/bootstrap.min.js

192.64.151.240

200 OK

37 kB

URL GET HTTP/1.1
slypes.slyip.com/public/bootstrap/3.3.7/js/bootstrap.min.js
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
ASCII text, with very long lines (32033)
Size
37 kB (37045 bytes)
Hash
5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: application/javascript
Content-Length: 37045
Connection: keep-alive
Last-Modified: Mon, 25 Jan 2021 22:04:00 GMT
ETag: "600f4050-90b5"
Accept-Ranges: bytes

slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js

192.64.151.240

200 OK

255 kB

URL GET HTTP/1.1
slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
Unicode text, UTF-8 text, with very long lines (64399)
Size
255 kB (255084 bytes)
Hash
1e2047978946a1d271356d0b557a84a3
5f29a324c8affb1fdb26ad4564b1e044372beed2
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: application/javascript
Content-Length: 255084
Connection: keep-alive
Last-Modified: Fri, 29 Jul 2022 20:40:53 GMT
ETag: "62e445d5-3e46c"
Accept-Ranges: bytes

slypes.slyip.com/public/logo.png

192.64.151.240

200 OK

13 kB

URL GET HTTP/1.1
slypes.slyip.com/public/logo.png
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
PNG image data, 538 x 200, 8-bit colormap, non-interlaced\012- data
Size
13 kB (13362 bytes)
Hash
c931fb8a8e9c937c0f1433951b5e1a47
bc208dd546c4c7e98eac68c76f38d93db2e9d682
36e6a3b08aa6e94c1ae6a729d9e0d7b9a500c5e38369b987cf15ec49990304c8

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/logo.png HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:21 GMT
Content-Type: image/png
Content-Length: 13362
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 09:39:11 GMT
ETag: "64707e3f-3432"
Accept-Ranges: bytes

slypes.slyip.com/track.php?domain=slyip.com&toggle=browserjs&uid=MTY4NTc2NDU4MC45NTA1OmUwYTQ5Y2E3NDg3NTZmMDg1M2E0MTMyNTZhYjBiMzdiYmI5ODFmYWI3Mzk4NmM4NjY2N2FlMGE3NzVlMmI4M2Q6NjQ3YWI5ZTRlODBkNw%3D%3D

192.64.151.240

200 OK

20 B

URL GET HTTP/1.1
slypes.slyip.com/track.php?domain=slyip.com&toggle=browserjs&uid=MTY4NTc2NDU4MC45NTA1OmUwYTQ5Y2E3NDg3NTZmMDg1M2E0MTMyNTZhYjBiMzdiYmI5ODFmYWI3Mzk4NmM4NjY2N2FlMGE3NzVlMmI4M2Q6NjQ3YWI5ZTRlODBkNw%3D%3D
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /track.php?domain=slyip.com&toggle=browserjs&uid=MTY4NTc2NDU4MC45NTA1OmUwYTQ5Y2E3NDg3NTZmMDg1M2E0MTMyNTZhYjBiMzdiYmI5ODFmYWI3Mzk4NmM4NjY2N2FlMGE3NzVlMmI4M2Q6NjQ3YWI5ZTRlODBkNw%3D%3D HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
89cf78789180bd118e9b97dad5ed4053
820d2363f5e826f226de0eb9ad170cb135e1b1fd
3effb60c74b1b0e55a5bddd1aa2d3daae71e18e14f273e38cc57db481cc7d04c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

54.230.245.138

200 OK

11 kB

URL GET HTTP/1.1
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP
54.230.245.138:80
ASN
#16509 AMAZON-02

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Size
11 kB (11375 bytes)
Hash
0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865

HTTP Headers

GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Sat, 03 Jun 2023 01:25:06 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vap6pKfEAuPAlfBcN1wNGJHRo5LpTVZ8y0Flx2VKBqRnh_QNIjLADA==
Age: 9076

www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530

216.58.211.4

200 OK

2.5 kB

URL GET HTTP/2
www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6260)
Size
2.5 kB (2521 bytes)
Hash
df9e994bedd39541578480f531e7df9b
1ae339f40676c1ac5362e9184edb33bd43c96076
6d52fee508c887c0a7e4ee5f1a0c1d5c4ec7c84e4e5e3d84c7d4ec5ef577b8d0

HTTP Headers

GET /afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 03 Jun 2023 03:56:22 GMT
expires: Sat, 03 Jun 2023 03:56:22 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-qQRVdgLBigOgC07k37MlhA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2521
x-xss-protection: 0
set-cookie: CONSENT=PENDING+798; expires=Mon, 02-Jun-2025 03:56:22 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

slypes.slyip.com/favicon.ico

192.64.151.240

200 OK

0 B

URL GET HTTP/1.1
slypes.slyip.com/favicon.ico
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:22 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 22:59:27 GMT
ETag: "647139cf-0"
Accept-Ranges: bytes

slypes.slyip.com/ls.php?t=647ab9e4&token=9e9ef5828a7f0e02514cbd72f70abbf473386fed

192.64.151.240

201 Created

16 B

URL GET HTTP/1.1
slypes.slyip.com/ls.php?t=647ab9e4&token=9e9ef5828a7f0e02514cbd72f70abbf473386fed
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
7363e85fe9edee6f053a4b319588c086
a15e2127145548437173fc17f3e980e3f3dee2d0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /ls.php?t=647ab9e4&token=9e9ef5828a7f0e02514cbd72f70abbf473386fed HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 201 Created
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:22 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Charset: utf-8
Access-Control-Allow-Origin: 
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_C5TuU5kOrX8RmegBa8x287qfVaRW+Tgsd3qgfv+zK84lkeyN9J5O8QCwwImGsSs1rKEwhCVBhI55flU00xUW4A==

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fb4f137ffaa414632ee6d79358ca7663
738174c00230645a31d26ab956eaed98f1c7eb44
8820e77977fcf5b5ff317aa91f5792369e4241204d3b2e8cc41a3cfa8e4b476d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8d565a8ed959d361e2e2516102a05b61
e1798024b095dc140c828faa0e6d922761b58a99
d47f90b7f6724090ba060ef463fe52edf70d150cb1cbee61ee19b88145bd948b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/adsense/domains/caf.js

216.58.211.4

200 OK

54 kB

URL GET HTTP/3
www.google.com/adsense/domains/caf.js
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (2125)
Size
54 kB (54245 bytes)
Hash
043579bc29a88fc01afe2ac446df9354
2737f0375d7a44925411e7fc75548dc316b57ebe
fee0dda11e33ccd9bfb53747a71e8cb5f4c63ae0c5bee99b3fd321b7c938e769

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 03 Jun 2023 03:56:22 GMT
expires: Sat, 03 Jun 2023 03:56:22 GMT
cache-control: private, max-age=3600
etag: "11154051082458416406"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8d565a8ed959d361e2e2516102a05b61
e1798024b095dc140c828faa0e6d922761b58a99
d47f90b7f6724090ba060ef463fe52edf70d150cb1cbee61ee19b88145bd948b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

216.58.211.1

200 OK

174 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
216.58.211.1:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintAC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
ValidityFri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 11:22:37 GMT
expires: Sat, 03 Jun 2023 10:22:37 GMT
cache-control: public, max-age=82800
age: 59625
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8d565a8ed959d361e2e2516102a05b61
e1798024b095dc140c828faa0e6d922761b58a99
d47f90b7f6724090ba060ef463fe52edf70d150cb1cbee61ee19b88145bd948b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

slypes.slyip.com/track.php?domain=slyip.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTc2NDU4MC45NTA1OmUwYTQ5Y2E3NDg3NTZmMDg1M2E0MTMyNTZhYjBiMzdiYmI5ODFmYWI3Mzk4NmM4NjY2N2FlMGE3NzVlMmI4M2Q6NjQ3YWI5ZTRlODBkNw%3D%3D

192.64.151.240

200 OK

20 B

URL GET HTTP/1.1
slypes.slyip.com/track.php?domain=slyip.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTc2NDU4MC45NTA1OmUwYTQ5Y2E3NDg3NTZmMDg1M2E0MTMyNTZhYjBiMzdiYmI5ODFmYWI3Mzk4NmM4NjY2N2FlMGE3NzVlMmI4M2Q6NjQ3YWI5ZTRlODBkNw%3D%3D
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
gzip compressed data, max speed, from Unix\012- data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /track.php?domain=slyip.com&caf=1&toggle=answercheck&answer=yes&uid=MTY4NTc2NDU4MC45NTA1OmUwYTQ5Y2E3NDg3NTZmMDg1M2E0MTMyNTZhYjBiMzdiYmI5ODFmYWI3Mzk4NmM4NjY2N2FlMGE3NzVlMmI4M2Q6NjQ3YWI5ZTRlODBkNw%3D%3D HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: answercheck
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0c2c7b69894efc120cd8bab945a227b2
11800be962b5b0cf260591d3c55113d217cbfa3b
61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-V90D3SRJGW

142.250.74.40

200 OK

86 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-V90D3SRJGW
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://chatbox.computer.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (4537)
Size
86 kB (86268 bytes)
Hash
c1b5b3fd676cde5c6bcaef9492a84c48
0fc7d9c40bb5d4fca27c0b4e34fd40730fb30da8
ff686540621c84c21048e8d3c61f9b4c829e6143b691d49c8342cd4b35c39ea3

HTTP Headers

GET /gtag/js?id=G-V90D3SRJGW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Jun 2023 03:56:23 GMT
expires: Sat, 03 Jun 2023 03:56:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86268
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a7508e40a986ddfd03a5998cd99d36d9
4faebad71148f2607a4174d21b748d1d54d7abef
382ecef0f06ab612d234aa9037a661353142cede4ce930320583eccd357dadc7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

chatbox.computer.com/flutter.js

192.64.151.249

200 OK

15 kB

URL GET HTTP/2
chatbox.computer.com/flutter.js
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
ASCII text, with CRLF line terminators
Size
15 kB (14623 bytes)
Hash
6b515e434cea20006b3ef1726d2c8894
65e782370bc35a4f5e37922f12debfae61eff946
ebef4683c7634467e3e792e993cd8e28d44940d4299dd8f3f8ce8ea3c1f20b67

HTTP Headers

GET /flutter.js HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:23 GMT
content-type: application/javascript
content-length: 14623
last-modified: Mon, 29 May 2023 23:57:59 GMT
etag: "64753c07-391f"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

chatbox.computer.com/assets/cc-logo.png

192.64.151.249

200 OK

24 kB

URL GET HTTP/2
chatbox.computer.com/assets/cc-logo.png
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
PNG image data, 663 x 663, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24328 bytes)
Hash
84ebd1f6c798744b151caabafa7537e9
cf809e7d102395323e7befb66242b2a54b19f28c
55fffe3b8fe5fde99213a206c483971acf9a847f0c93f5afacdcdb1703578e49

HTTP Headers

GET /assets/cc-logo.png HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:23 GMT
content-type: image/png
content-length: 24328
last-modified: Mon, 29 May 2023 23:57:32 GMT
etag: "64753bec-5f08"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

computer.com/js/script.js

192.64.151.249

200 OK

1.3 kB

URL GET HTTP/2
computer.com/js/script.js
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
ASCII text, with very long lines (1321), with no line terminators
Size
1.3 kB (1321 bytes)
Hash
8210a7fad4cf5a22ec34f49fd6cfa0a4
46cae8011201b868af95b9d91a76839a2ac51a18
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

HTTP Headers

GET /js/script.js HTTP/1.1
Host: computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:23 GMT
content-type: application/javascript
content-length: 1321
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

computer.com/api/event

192.64.151.249

202 Accepted

2 B

URL POST HTTP/2
computer.com/api/event
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

HTTP Headers

POST /api/event HTTP/1.1
Host: computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 110
Origin: https://chatbox.computer.com
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 202 Accepted
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:23 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
x-request-id: F2UJ9Ru_M3xF4o4AKWiC
X-Firefox-Spdy: h2

slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/themes/base/images/ui-icons_444444_256x240.png

192.64.151.240

200 OK

7.1 kB

URL GET HTTP/1.1
slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/themes/base/images/ui-icons_444444_256x240.png
IP
192.64.151.240:80
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/

File type
PNG image data, 256 x 240, 8-bit gray+alpha, non-interlaced\012- data
Size
7.1 kB (7142 bytes)
Hash
0494d08913adc4581aa6a7da6c488d65
3ffa878d00d5e632f4f4260eb390334466caf653
2cd2a1b0f8368d37835f82a3a52733d871bf4e9db4cd047ca985d01c07169624

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

NIDS	Severity	Alert
suricata	medium	ET INFO DYNAMIC_DNS HTTP Request to a *.slyip.com Domain

HTTP Headers

GET /public/ajax/libs/jqueryui/1.13.2/themes/base/images/ui-icons_444444_256x240.png HTTP/1.1
Host: slypes.slyip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/public/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sat, 03 Jun 2023 03:56:23 GMT
Content-Type: image/png
Content-Length: 7142
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 00:51:06 GMT
ETag: "62d0b9fa-1be6"
Accept-Ranges: bytes

chatbox.computer.com/main.dart.js

192.64.151.249

200 OK

2.3 MB

URL GET HTTP/2
chatbox.computer.com/main.dart.js
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
ASCII text, with very long lines (727)
Size
2.3 MB (2341330 bytes)
Hash
0701741fa2889197450b6e1ac5b1cd60
57b084a87d4ae4a38169e8f174abd9ace32d7b8f
dff7ee81aaa264b5f9df1840da5eba740d8a6b01c30db9b3ddf04410a08a9135

HTTP Headers

GET /main.dart.js HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:23 GMT
content-type: application/javascript
content-length: 2341330
last-modified: Mon, 29 May 2023 23:58:05 GMT
etag: "64753c0d-23b9d2"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a94a6bf69a5bda20a5a497cff9a93636
fa3de38b0755fc024d6d35dfd833ac95eb79a5f3
64a989eaabc52262e244b627bbc4efd123a8079b8d2499f2f7cf80fa914c801e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.js

216.58.211.3

200 OK

26 kB

URL GET HTTP/2
www.gstatic.com/flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.js
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://chatbox.computer.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (545)
Size
26 kB (26292 bytes)
Hash
76f7d822f42397160c5dfc69cbc9b2de
a7739ae575812316ab0924225becfa3941f5b3da
86c5d12e43e93359933fbe2f8575d2bfd1ee595aa581b6111943de2d77975e31

HTTP Headers

GET /flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="flutter-team"
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-length: 26292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 21:27:06 GMT
expires: Thu, 30 May 2024 21:27:06 GMT
cache-control: public, max-age=31536000
age: 196159
last-modified: Mon, 08 May 2023 22:54:50 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

chatbox.computer.com/assets/FontManifest.json

192.64.151.249

200 OK

208 B

URL GET HTTP/2
chatbox.computer.com/assets/FontManifest.json
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
208 B (208 bytes)
Hash
dc3d03800ccca4601324923c0b1d6d57
bca264548730f8b1871672891b0ad0c02444bfaf
cd7e03645bc44b2dd47b7cb626f51c4ecbf55a197ab77241628b47ac165fbe21

HTTP Headers

GET /assets/FontManifest.json HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:25 GMT
content-type: application/json
content-length: 208
last-modified: Mon, 29 May 2023 23:57:33 GMT
etag: "64753bed-d0"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4657e1301201c546b03bf8a42be0e1a4
561ed76fd2c38e8107da101d54546e44b219e539
b7c25875352ba1d913c952fc778770209c663f8b7bb3a33b40532b1910938c73

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 03:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

chatbox.computer.com/assets/fonts/MaterialIcons-Regular.otf

192.64.151.249

200 OK

7.8 kB

URL GET HTTP/2
chatbox.computer.com/assets/fonts/MaterialIcons-Regular.otf
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
OpenType font data\012- data
Size
7.8 kB (7756 bytes)
Hash
c0a9904cf29848c8136f699c45108000
4efdcefa39a3e4fd11260b0cc1f86246176baf7b
2093d7dc0c6280ae3f0e332a784735623e8d094c778c1409ea77285bf282b121

HTTP Headers

GET /assets/fonts/MaterialIcons-Regular.otf HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:25 GMT
content-type: application/octet-stream
content-length: 7756
last-modified: Mon, 29 May 2023 23:57:34 GMT
etag: "64753bee-1e4c"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

chatbox.computer.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf

192.64.151.249

200 OK

1.2 kB

URL GET HTTP/2
chatbox.computer.com/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
TrueType Font data, 12 tables, 1st "OS/2", 7 names, Microsoft, language 0x409\012- data
Size
1.2 kB (1236 bytes)
Hash
57d849d738900cfd590e9adc7e208250
41985b8972e5289666d6054b2242f562f1d6e11a
7faebfc34fcf9aeed5ed14c8d859995da91d26ee4d515a5d5a632a14cc6b3d98

HTTP Headers

GET /assets/packages/cupertino_icons/assets/CupertinoIcons.ttf HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:25 GMT
content-type: application/octet-stream
content-length: 1236
last-modified: Mon, 29 May 2023 23:57:39 GMT
etag: "64753bf3-4d4"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.gstatic.com/flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.wasm

216.58.211.3

200 OK

2.1 MB

URL GET HTTP/2
www.gstatic.com/flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.wasm
IP
216.58.211.3:443
ASN
#15169 GOOGLE

Requested by
https://chatbox.computer.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
WebAssembly (wasm) binary module version 0x1 (MVP)\012- data
Size
2.1 MB (2142317 bytes)
Hash
f48eaf57cada79163ec6dec7929486ea
9c2e3dfd5ea427fc42c8358fcec9be13b47534d0
65d6b549c3d21e2d9dc4f0504fc9462936a1e511fd538a8ce4a5d45a8e0c95cf

HTTP Headers

GET /flutter-canvaskit/d44b5a94c976fbb65815374f61ab5392a220b084/canvaskit.wasm HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
Origin: https://chatbox.computer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: br
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="flutter-team"
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-length: 2142317
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 21:27:19 GMT
expires: Thu, 30 May 2024 21:27:19 GMT
cache-control: public, max-age=31536000
age: 196146
last-modified: Mon, 08 May 2023 22:55:12 GMT
content-type: application/wasm
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

216.58.207.227

200 OK

91 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://chatbox.computer.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob\012- data
Size
91 kB (91230 bytes)
Hash
11eabca2251325cfc5589c9c6fb57b46
096c9245b6a192d1403a82848e104a65f578a8ec
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

HTTP Headers

GET /s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
Origin: https://chatbox.computer.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 91230
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:20:03 GMT
expires: Thu, 30 May 2024 00:20:03 GMT
cache-control: public, max-age=31536000
age: 272182
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

chatbox.computer.com/assets/config.yaml

192.64.151.249

200 OK

37 B

URL GET HTTP/2
chatbox.computer.com/assets/config.yaml
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
ASCII text, with no line terminators
Size
37 B (37 bytes)
Hash
17ad4a96d52df2f0eb4c20a9a61bf1c6
bdd424e7d29452d574c4e1e6a488bf83955d1e8a
48e68aa463e9a94dd0560e89bc06b064b1ea04cea2794c387e5db8965b99f2fb

HTTP Headers

GET /assets/config.yaml HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:25 GMT
content-type: application/octet-stream
content-length: 37
last-modified: Mon, 29 May 2023 23:57:32 GMT
etag: "64753bec-25"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

computer.com/results/cc-logo.png

192.64.151.249

200 OK

24 kB

URL GET HTTP/2
computer.com/results/cc-logo.png
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
PNG image data, 663 x 663, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24328 bytes)
Hash
84ebd1f6c798744b151caabafa7537e9
cf809e7d102395323e7befb66242b2a54b19f28c
55fffe3b8fe5fde99213a206c483971acf9a847f0c93f5afacdcdb1703578e49

HTTP Headers

GET /results/cc-logo.png HTTP/1.1
Host: computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://chatbox.computer.com
DNT: 1
Connection: keep-alive
Referer: https://chatbox.computer.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:26 GMT
content-type: image/png
content-length: 24328
last-modified: Sun, 26 Feb 2023 14:18:59 GMT
etag: "63fb6a53-5f08"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

chatbox.computer.com/assets/AssetManifest.bin

192.64.151.249

200 OK

128 B

URL GET HTTP/2
chatbox.computer.com/assets/AssetManifest.bin
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
data
Size
128 B (128 bytes)
Hash
aaecf601082c367add974df0536124d7
3c578f2c18182a3118d7b72c5e3000def01b50d6
4ade9254975c84e813b0b0dbd01764ac5376bda7dd3c2943e3bc0f1a7b59bb0a

HTTP Headers

GET /assets/AssetManifest.bin HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:26 GMT
content-type: application/octet-stream
content-length: 128
last-modified: Mon, 29 May 2023 23:57:28 GMT
etag: "64753be8-80"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

chatbox.computer.com/assets/assets/chat-icon.png

192.64.151.249

200 OK

38 kB

URL GET HTTP/2
chatbox.computer.com/assets/assets/chat-icon.png
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
https://chatbox.computer.com/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37954 bytes)
Hash
3a374080a23da16cb02cdfd673e58cca
3edcda509966a8cfb00a4de12957ba07e30a991f
8d9cbb62c318d169a2e5da71d565105710db43e54f6c9d101c144e26854c1db9

HTTP Headers

GET /assets/assets/chat-icon.png HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://chatbox.computer.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:26 GMT
content-type: image/png
content-length: 37954
last-modified: Mon, 29 May 2023 23:57:31 GMT
etag: "64753beb-9442"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff

216.58.211.1

200 OK

391 B

URL GET HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP
216.58.211.1:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/afs/ads?adtest=off&psid=8676772880&pcsa=false&channel=000002%2C000003%2C002392%2Cbucket102&client=dp-teaminternet07_3ph&r=m&hl=no&rpbu=http%3A%2F%2Fwww1.slyip.com%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQxMDJ8fHx8fHw2NDdhYjllNGU4MGFmfHx8MTY4NTc2NDU4MC45NzN8YTdjYWU3ODExYjgxMGMzOGVlZGJiNDZiMTczZmY2NzE3ZTc0NGI0Ynx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fDllOWVmNTgyOGE3ZjBlMDI1MTRjYmQ3MmY3MGFiYmY0NzMzODZmZWR8MHxkcC10ZWFtaW50ZXJuZXQwN18zcGh8MHww&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2604024762724288&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301187%2C17301190&format=r3%7Cs&nocache=4611685764581715&num=0&output=afd_ads&domain_name=slypes.slyip.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1685764581716&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=745&frm=0&cl=536423577&uio=--&cont=tc&jsid=caf&jsv=536423577&rurl=http%3A%2F%2Fslypes.slyip.com%2FICS%2Fcompte%2Fpaiement1%2Ffacture1%2F03-333389648%2F087ee28a64db41f2acb0901a91e10d0a%2F&adbw=master-1%3A530
Certificate
IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintAC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
ValidityFri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (406), with no line terminators
Size
391 B (391 bytes)
Hash
249bb4c6a37dfa60d6ecf838cada5020
4e56099d13b015804f79d1182f66982bc6e4662b
a2cebc2af2fd29cbee1ed7860ef5b12088b85259918d8bf2f2aaa99b915fa3f4

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 17:36:28 GMT
expires: Sat, 03 Jun 2023 16:36:28 GMT
cache-control: public, max-age=82800
age: 37194
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

chatbox.computer.com/

192.64.151.249

200 OK

3.9 kB

URL GET HTTP/2
chatbox.computer.com/
IP
192.64.151.249:443
ASN
#399522 TP

Requested by
http://slypes.slyip.com/ICS/compte/paiement1/facture1/03-333389648/087ee28a64db41f2acb0901a91e10d0a/
Certificate
IssuerLet's Encrypt
Subject*.computer.com
FingerprintB1:E4:8E:84:F7:CE:F0:D1:18:92:A5:46:CE:1F:A2:6A:4D:61:4C:9D
ValiditySat, 08 Apr 2023 21:36:10 GMT - Fri, 07 Jul 2023 21:36:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4244), with no line terminators
Size
3.9 kB (3902 bytes)
Hash
bb557e4d391ee1f083e534e069564e4e
d47dff6e2a5248fc4236d05341d3cc6720b6003d
3e26afbb29382390afa6ae216de31b185a59201ac547303502af3d97ade9700f

HTTP Headers

GET / HTTP/1.1
Host: chatbox.computer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://slypes.slyip.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 03 Jun 2023 03:56:23 GMT
content-type: text/html
last-modified: Mon, 29 May 2023 23:58:03 GMT
etag: W/"64753c0b-f3e"
strict-transport-security: max-age=15768000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL