Report - 3385.xg4ken.com/trk/v1?prof=405

Report Overview

Visited public
2023-08-28 12:23:23
Tags
URL
3385.xg4ken.com/trk/v1?prof=405
Finishing URL
3385.xg4ken.com/trk/v1?prof=405
IP / ASN
54.154.9.44
#16509 AMAZON-02
Title
v1 (GIF Image, 1 × 1 pixels)

Detections

urlquery

0

Network Intrusion Detection

0

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
3385.xg4ken.com	708095	2007-01-29	2018-08-28 19:46:25	2023-01-07 13:54:39	941 B	660 B	108.128.94.85
ocsp.godaddy.com	698	1999-03-02	2012-05-20 21:28:57	2023-08-28 05:07:48	330 B	2.6 kB	192.124.249.24

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (3)

	URL	IP	Response	Size
	3385.xg4ken.com/trk/v1?prof=405	108.128.94.85	200 OK	44 B
URL User Request GET HTTP/2 3385.xg4ken.com/trk/v1?prof=405 IP 108.128.94.85:443 ASN #16509 AMAZON-02 Certificate IssuerGoDaddy.com, Inc. Subject.xg4ken.com Fingerprint82:52:05:FC:0B:19:91:05:8E:4D:91:11:9F:E9:A7:76:62:21:B5:A6 ValidityTue, 18 Oct 2022 17:39:15 GMT - Sun, 19 Nov 2023 17:39:15 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 44 B (44 bytes) Hash b798f4ce7359fd815df4bdf76503b295 f8cc6addf1707ad236ad9970b0a48f9733d07da5 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa HTTP Headers `GET /trk/v1?prof=405 HTTP/1.1 Host: 3385.xg4ken.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Mon, 28 Aug 2023 12:23:07 GMT content-type: image/gif content-length: 44 x-debug-kenshoo-server: ip-10-174-84-157 cache-control: no-cache, no-transform p3p: policyref="http://www.xg4ken.com/w3c/p3p.xml", CP="ADMa DEVa OUR IND DSP NON LAW" X-Firefox-Spdy: h2`

	3385.xg4ken.com/favicon.ico	108.128.94.85	200 OK	44 B
URL GET HTTP/2 3385.xg4ken.com/favicon.ico IP 108.128.94.85:443 ASN #16509 AMAZON-02 Requested by https://3385.xg4ken.com/trk/v1?prof=405 Certificate IssuerGoDaddy.com, Inc. Subject.xg4ken.com Fingerprint82:52:05:FC:0B:19:91:05:8E:4D:91:11:9F:E9:A7:76:62:21:B5:A6 ValidityTue, 18 Oct 2022 17:39:15 GMT - Sun, 19 Nov 2023 17:39:15 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 44 B (44 bytes) Hash b798f4ce7359fd815df4bdf76503b295 f8cc6addf1707ad236ad9970b0a48f9733d07da5 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa HTTP Headers `GET /favicon.ico HTTP/1.1 Host: 3385.xg4ken.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://3385.xg4ken.com/trk/v1?prof=405 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK date: Mon, 28 Aug 2023 12:23:08 GMT content-type: image/gif content-length: 44 x-debug-kenshoo-server: ip-10-174-92-125 p3p: policyref="http://www.xg4ken.com/w3c/p3p.xml", CP="ADMa DEVa OUR IND DSP NON LAW" cache-control: no-cache, no-transform X-Firefox-Spdy: h2`

	ocsp.godaddy.com/	192.124.249.24		2.1 kB
URL ocsp.godaddy.com/ IP 192.124.249.24:0 ASN #30148 SUCURI-SEC File type data Size 2.1 kB (2108 bytes) Hash 6ba0b43eac595c9ad204657243e37a84 662064dcd0da8173ee78b18501af37358f39930f 06c0a08967d680414c5c713671f00d0240519857b948ed506a0a2815da72e9b6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.godaddy.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Mon, 28 Aug 2023 12:23:08 GMT Content-Type: application/ocsp-response Content-Length: 2108 Connection: keep-alive X-Sucuri-ID: 19024 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Sun, 27 Aug 2023 21:37:06 GMT Expires: Mon, 28 Aug 2023 21:37:06 GMT ETag: "662064dcd0da8173ee78b18501af37358f39930f" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`