| 185.95.84.79/rd/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9 | 185.95.84.79 | | 235 B |
URL: 185.95.84.79/rd/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9 | IP: 185.95.84.79:0 | ASN: #51559 Netinternet Bilisim Teknolojileri AS
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 41735c0e24be1e5bd89c1f6531207494 / 9eae1bfa3b43e52c21e87fabcd63a4c2a3e55554 / a594b117bc9c64745935f48b866c3caa70cded9c35ee02841a28277f3e75ffe3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rd/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9 HTTP/1.1
Host: 185.95.84.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Address: gin_throttle_mw_7200000000_91.90.42.154
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 499
X-Ratelimit-Reset: 1715205461
Date: Wed, 08 May 2024 20:57:41 GMT
Content-Length: 235
| 185.95.84.79/t/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9 | 185.95.84.79 | | 182 B |
URL: 185.95.84.79/t/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9 | IP: 185.95.84.79:0 | ASN: #51559 Netinternet Bilisim Teknolojileri AS
File type: JavaScript source, ASCII text
Hash (MD5 / SHA-1 / SHA-256): e06b4be56d710c6d17e246b065a39489 / 1833dfbd311276ee8b865d98fda7d497a77917a9 / b3b13b0f84ac00011263aa2764ff4754b18a6bc422a63c45e8d22580fe253b4a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /t/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9 HTTP/1.1
Host: 185.95.84.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://185.95.84.79/rd/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Address: gin_throttle_mw_7200000000_91.90.42.154
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 498
X-Ratelimit-Reset: 1715205461
Date: Wed, 08 May 2024 20:57:42 GMT
Content-Length: 182
| 185.95.84.79/favicon.ico | 185.95.84.79 | 404 Not Found | 0 B |
IP: 185.95.84.79:80 | ASN: #51559 Netinternet Bilisim Teknolojileri AS
Requested by: http://185.95.84.79/news?q=This%20link%20is%20locked!
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 185.95.84.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://185.95.84.79/t/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Address: gin_throttle_mw_7200000000_91.90.42.154
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 497
X-Ratelimit-Reset: 1715205461
Date: Wed, 08 May 2024 20:57:42 GMT
Content-Length: 0
| 185.95.84.79/news?q=This%20link%20is%20locked! | 185.95.84.79 | 200 OK | 3.2 kB |
URL (user request, GET HTTP/1.1): 185.95.84.79/news?q=This%20link%20is%20locked! | IP: 185.95.84.79:80 | ASN: #51559 Netinternet Bilisim Teknolojileri AS
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 1e42183964cc22ff4797759a0c8a0252 / 1734ac4a2b2144f06abda5e64b1456e747aca5e6 / 036a0b16212114d96933caddcb3b64eebe5e6bce1dd93b39078e4377d682baaa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /news?q=This%20link%20is%20locked! HTTP/1.1
Host: 185.95.84.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://185.95.84.79/t/4OCveN11524sxBc59ahyxiqgnko6135RTYVIESBWUPZKQN15043RVLR2293R9
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
X-Address: gin_throttle_mw_7200000000_91.90.42.154
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 496
X-Ratelimit-Reset: 1715205461
Date: Wed, 08 May 2024 20:57:43 GMT
Transfer-Encoding: chunked
| feeds.foxnews.com/foxnews/world | 151.101.130.132 | 301 Moved Permanently | 0 B |
URL (GET HTTP/2): feeds.foxnews.com/foxnews/world | IP: 151.101.130.132:443
Requested by: http://185.95.84.79/news?q=This%20link%20is%20locked!
Certificate issuer: Let's Encrypt | Subject: *.foxnews.com | Fingerprint: BC:A6:C4:45:B6:50:28:54:62:5F:42:C0:C4:BC:61:D1:08:00:31:26 | Validity: Sat, 23 Mar 2024 06:26:40 GMT - Fri, 21 Jun 2024 06:26:39 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /foxnews/world HTTP/1.1
Host: feeds.foxnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://185.95.84.79/
Origin: http://185.95.84.79
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
retry-after: 0
location: https://moxie.foxnews.com/google-publisher/world.xml
accept-ranges: bytes
date: Wed, 08 May 2024 20:57:43 GMT
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715201864.627505,VS0,VE0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 86400
access-control-expose-headers: etag
content-length: 0
X-Firefox-Spdy: h2
| 185.95.84.79/favicon.ico | 185.95.84.79 | 404 Not Found | 0 B |
IP: 185.95.84.79:80 | ASN: #51559 Netinternet Bilisim Teknolojileri AS
Requested by: http://185.95.84.79/news?q=This%20link%20is%20locked!
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e / da39a3ee5e6b4b0d3255bfef95601890afd80709 / e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 185.95.84.79
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://185.95.84.79/news?q=This%20link%20is%20locked!
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Address: gin_throttle_mw_7200000000_91.90.42.154
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 495
X-Ratelimit-Reset: 1715205461
Date: Wed, 08 May 2024 20:57:43 GMT
Content-Length: 0
| moxie.foxnews.com/google-publisher/world.xml | 23.54.10.150 | 200 OK | 43 kB |
URL (GET HTTP/2): moxie.foxnews.com/google-publisher/world.xml | IP: 23.54.10.150:443
Requested by: http://185.95.84.79/news?q=This%20link%20is%20locked!
Certificate issuer: DigiCert Inc | Subject: wildcard.foxnews.com | Fingerprint: 92:A8:54:5C:8C:E0:75:4A:F7:00:F0:F3:11:9C:A7:9B:3F:E8:BA:BE | Validity: Mon, 06 May 2024 00:00:00 GMT - Tue, 06 May 2025 23:59:59 GMT
File type: XML 1.0 document, Unicode text, UTF-8 text, with very long lines (6543)
Hash (MD5 / SHA-1 / SHA-256): c52e1d9943e87303ac30465cd7588925 / 18d77e7f5876d1fa3567817cdf505c6f239f8ac8 / 6982ff264fa7cadfccedd51235e41b78d1066d997eeeaca2a937396bca798e41
GET /google-publisher/world.xml HTTP/1.1
Host: moxie.foxnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: http://185.95.84.79/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 43288
x-amzn-trace-id: Root=1-663bdc1c-0c7029534f83199b076412b6;Parent=2a18cd2a0b5e6434;Sampled=0;lineage=c27b69c6:0
x-amz-apigw-id: Xd9UeF2pIAMEthw=
moxie-version: 1.0
etag: c52e1d9943e87303ac30465cd7588925
content-type: text/xml;charset=utf-8
x-robots-tag: noindex, nofollow
moxie-uptime: 136.94ms
x-amz-cf-id: 2k42GAm5VHVJK15HVpQLE3ZbfZ1czBrn9T3LrV9fD96MAeBYzB6-Ow==
x-amzn-requestid: c71659e9-e44d-453d-b82b-ebe6dbce2a9c
x-amz-cf-pop: IAD55-P5
content-encoding: gzip
x-debug-path: /prod/fn/google-publisher/world.xml
x-origin: prod_moxie
accept-ranges: bytes
x-served-by: cache-iad-kiad7000170-IAD, cache-iad-kiad7000170-IAD, cache-bma1650-BMA
x-cache-hits: 0, 36, 1
x-timer: S1715201758.902657,VS0,VE1
cache-control: must-revalidate, max-age=184
expires: Wed, 08 May 2024 21:00:47 GMT
date: Wed, 08 May 2024 20:57:43 GMT
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
x-forwarded-host: moxie.foxnews.com
X-Firefox-Spdy: h2