| xn--4yyxpd9bwkc3pt40i0thra3jpmwjmpn6s6d12sl2vq7yjb88e3jg-eb5brl.bnih8hbhyn2hif0bqm8xlnwa886tsrwbpwrvg7oalg4weca5dfunkfb51z7u2lj.foo/ | 104.21.64.98 | 403 Forbidden | 5.7 kB |
URL User Request GET HTTP/2 xn--4yyxpd9bwkc3pt40i0thra3jpmwjmpn6s6d12sl2vq7yjb88e3jg-eb5brl.bnih8hbhyn2hif0bqm8xlnwa886tsrwbpwrvg7oalg4weca5dfunkfb51z7u2lj.foo/ IP 104.21.64.98:443
Certificate Issuer Google Trust Services LLC Subject Fingerprint 5E:6A:AF:8E:3C:0E:0F:F2:13:49:2A:9F:FB:74:AC:C1:FB:50:50:01 Validity Fri, 19 Apr 2024 03:19:41 GMT - Thu, 18 Jul 2024 03:19:40 GMT
File type HTML document, ASCII text, with very long lines (5924), with no line terminators Hash 555de0212aa1086b93a47ecdb4ff7747 73904bc68fdd6cabaf405cd7fbd2641b58b0f0b2 9bfdc94ced497941f70e07212efd0a6c386f5ccf772283858d9a459bbcdd9569
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: xn--4yyxpd9bwkc3pt40i0thra3jpmwjmpn6s6d12sl2vq7yjb88e3jg-eb5brl.bnih8hbhyn2hif0bqm8xlnwa886tsrwbpwrvg7oalg4weca5dfunkfb51z7u2lj.foo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Tue, 07 May 2024 00:12:57 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=15
expires: Tue, 07 May 2024 00:13:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q16paR8iHoMshnXCrbiNmqXSRbpmqR9D5SpUFNqW1rkGPD%2FqIiVdokpRCOZSKhwxnold24fYbyqEfY63kth%2BvTQHqGNDA%2FKCOSUJtwJ00XLKr4CJGsirwM3GdikWxUjpNxx4RNFMSBrNl2fC32Rq%2BejGMfyTfF3d0dh6IcXpdAXVinaPkNBscUtY%2Ff2sFchByFCWdZ3kWVeeoRUKNwzO4XZhWjUDkMnspm0cwtHM%2BtvY%2Ferw0qfAlgAZlecDqJtGy6AWIN7tUzrAIpyuwhhwZcMFriMfnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, OPTIONS
content-security-policy: default-src 'unsafe-inline'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
permissions-policy: geolocation=(self)
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 87fd005c2cfab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
| xn--4yyxpd9bwkc3pt40i0thra3jpmwjmpn6s6d12sl2vq7yjb88e3jg-eb5brl.bnih8hbhyn2hif0bqm8xlnwa886tsrwbpwrvg7oalg4weca5dfunkfb51z7u2lj.foo/ | 104.21.64.98 | 403 Forbidden | 5.7 kB |
URL User Request GET HTTP/3 xn--4yyxpd9bwkc3pt40i0thra3jpmwjmpn6s6d12sl2vq7yjb88e3jg-eb5brl.bnih8hbhyn2hif0bqm8xlnwa886tsrwbpwrvg7oalg4weca5dfunkfb51z7u2lj.foo/ IP 104.21.64.98:443
Certificate Issuer Google Trust Services LLC Subject Fingerprint 5E:6A:AF:8E:3C:0E:0F:F2:13:49:2A:9F:FB:74:AC:C1:FB:50:50:01 Validity Fri, 19 Apr 2024 03:19:41 GMT - Thu, 18 Jul 2024 03:19:40 GMT
File type HTML document, ASCII text, with very long lines (5924), with no line terminators Hash 317215fa4af0445a37fa1d0a63b653f3 42e98806c5dc376b13214a40ab432b80692c353e 443b6395c00958d573bcef1b3db5ac3ccff1d7fa248f406fa409dfa67da7fd3b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: xn--4yyxpd9bwkc3pt40i0thra3jpmwjmpn6s6d12sl2vq7yjb88e3jg-eb5brl.bnih8hbhyn2hif0bqm8xlnwa886tsrwbpwrvg7oalg4weca5dfunkfb51z7u2lj.foo
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Tue, 07 May 2024 00:12:57 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=15
expires: Tue, 07 May 2024 00:13:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8R6FmVGAvLzg0Kl1DctL0KMk3w86HWdNI1egqcZyemfXkVv3MBzg9l9nZSvSX%2FswuTylZD4%2B%2BDN9xKVpB4Jl5ncI9LiaFvVFgStz372Y%2BtB2U%2BCR%2FbBxPqubMmgkYguy7dPzAPaXWaetL2yTHjn40D04dEln2hvdeLsA5aW2RFmT30brRPCZRO8H4j5Fj8hAAxyJoUhFMRWlnNhpqhJGr%2BgLoZOstcWPCo6BTT6xHTtdbnMV2fTyGWie%2BiD5arBlKx%2FueblkcPSOJLhCT14ktyhKWsE1PA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
expect-ct: max-age=86400, enforce
referrer-policy: same-origin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, OPTIONS
content-security-policy: default-src 'unsafe-inline'
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
permissions-policy: geolocation=(self)
x-robots-tag: noindex, nofollow
server: cloudflare
cf-ray: 87fd005d2b2c56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|