Report - 71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

Report Overview

Submitted URL
71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
IP
71.19.146.161
ASN
#47066 PRGMR
Submitted
2024-04-25 19:53:19
Access
public
Website Title
Play flappy plane, September edition!
Final URL
71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
71.19.146.161	unknown	unknown	No data	No data	14 kB	4.0 MB	71.19.146.161
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-25	428 B	34 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed
2024-04-25	medium	71.19.146.161	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	71.19.146.161/js/main.min.js	6.8 kB	2024-04-25	2024-04-29
Pretty URL 71.19.146.161/js/main.min.js IP 71.19.146.161 ASN #47066 PRGMR Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 21:53:26 Last Seen2024-04-29 23:56:06 Times Seen6 Hash 0fddbae236ae308b1a9fa459eb346b72 73774a83f81f0fcfde0d5a1046386e26a69c3bc3 627d3d0a84918610bc6535994bf322ba953355a881baa477690eba2f79ddccc5 Loading...

	71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i	0 B	2023-03-07	2024-05-05
Pretty URL 71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i IP 71.19.146.161 ASN #47066 PRGMR Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 22:20:22 Times Seen37370923 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js	96 kB	2023-03-07	2024-05-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:11 Last Seen2024-05-05 21:57:51 Times Seen15484 Hash f03e5a3bf534f4a738bc350631fd05bd 37b1db88b57438f1072a8ebc7559c909c9d3a682 aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Loading...

	71.19.146.161/js/jquery.transit.min.js	7.5 kB	2023-03-07	2024-04-29
Pretty URL 71.19.146.161/js/jquery.transit.min.js IP 71.19.146.161 ASN #47066 PRGMR Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34:34 Last Seen2024-04-29 23:56:06 Times Seen282 Hash d6464b7f9ac79e1e183e014803462d5b f45dc7eccf5323268e969c3d0db092b16114323d 584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d Loading...

	71.19.146.161/js/buzz.min.js	9.6 kB	2023-07-11	2024-04-29
Pretty URL 71.19.146.161/js/buzz.min.js IP 71.19.146.161 ASN #47066 PRGMR Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-11 13:30:13 Last Seen2024-04-29 23:56:06 Times Seen7 Hash b10196d0e3a52cfaba273fce12f58a49 a2c2d312e55575209982e77526f452265407958e 1c9635777ecd259f968d71cf02b8d677399428a540c930f7968ad9e794bffde3 Loading...

HTTP Transactions (29)

URL IP Response Size

71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

71.19.146.161

1.2 kB

URL User Request GET
71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
IP
71.19.146.161:0
ASN
#47066 PRGMR

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.2 kB (1179 bytes)
Hash
a5871f0be2803125276abc0f573a2085
bcffee42a8dcfd1990e1d7cb0178f9133523c60e
47f2c9feb45cb6684d234346ef2fa590d7ab277d392095ced3e2876bd6f24c7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 May 2020 03:13:58 GMT
ETag: "efd-5a4c9ebfa8980-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1179
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

142.250.74.74

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32038)
Size
34 kB (33507 bytes)
Hash
f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

HTTP Headers

GET /ajax/libs/jquery/1.11.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33507
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 06:44:16 GMT
expires: Sun, 20 Apr 2025 06:44:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 479318
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

71.19.146.161/css/reset.css

71.19.146.161

200 OK

609 B

URL GET HTTP/1.1
71.19.146.161/css/reset.css
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
ASCII text, with very long lines (1151)
Size
609 B (609 bytes)
Hash
9e5a98771701620e24e1fc4205f5c4ed
46ee5f634025c64e5644b74707fa1832fbdb7272
34ba2fa6bc860a5da24add172ef3247f7cf85d16940e20b01d07249d8e4de221

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/reset.css HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:10 GMT
ETag: "4b8-5834b79a20380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 609
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

71.19.146.161/css/main.css

71.19.146.161

200 OK

1.4 kB

URL GET HTTP/1.1
71.19.146.161/css/main.css
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
ASCII text
Size
1.4 kB (1399 bytes)
Hash
84f2e8b9131a95d8bcf33f0b79253883
2de56dd9b32cf9ba9a3db2dd40d5451506e22dde
df85c3315f738be20aa930ca33e2989df14f12d0322c8315782943408bcde736

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.css HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:08 GMT
ETag: "1b4b-5834b79837f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1399
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

71.19.146.161/js/jquery.transit.min.js

71.19.146.161

200 OK

2.7 kB

URL GET HTTP/1.1
71.19.146.161/js/jquery.transit.min.js
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
JavaScript source, ASCII text, with very long lines (7281)
Size
2.7 kB (2713 bytes)
Hash
d6464b7f9ac79e1e183e014803462d5b
f45dc7eccf5323268e969c3d0db092b16114323d
584aa695461f177cf311034f7e02cf280c16c36a7a299d58e22ef9c23a98867d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.transit.min.js HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:08 GMT
ETag: "1d53-5834b79837f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2713
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

71.19.146.161/js/main.min.js

71.19.146.161

200 OK

2.4 kB

URL GET HTTP/1.1
71.19.146.161/js/main.min.js
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
JavaScript source, ASCII text, with very long lines (6803), with no line terminators
Size
2.4 kB (2389 bytes)
Hash
0fddbae236ae308b1a9fa459eb346b72
73774a83f81f0fcfde0d5a1046386e26a69c3bc3
627d3d0a84918610bc6535994bf322ba953355a881baa477690eba2f79ddccc5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.min.js HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:08 GMT
ETag: "1a93-5834b79837f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2389
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

71.19.146.161/js/buzz.min.js

71.19.146.161

200 OK

2.8 kB

URL GET HTTP/1.1
71.19.146.161/js/buzz.min.js
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
JavaScript source, ASCII text, with very long lines (9127)
Size
2.8 kB (2815 bytes)
Hash
b10196d0e3a52cfaba273fce12f58a49
a2c2d312e55575209982e77526f452265407958e
1c9635777ecd259f968d71cf02b8d677399428a540c930f7968ad9e794bffde3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/buzz.min.js HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:10 GMT
ETag: "2571-5834b79a20380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2815
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

71.19.146.161/assets/replay.png

71.19.146.161

200 OK

419 B

URL GET HTTP/1.1
71.19.146.161/assets/replay.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 115 x 70, 4-bit colormap, non-interlaced
Size
419 B (419 bytes)
Hash
d8fed4870d76da0f65cb59ead03424ea
4919d54d3a97ea45f96b370bdb6e4f36da2653dc
436043335808a7771840288a3b34d95533740984a44ade443879ad8a1395e934

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/replay.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:08 GMT
ETag: "1a3-5834b79837f00"
Accept-Ranges: bytes
Content-Length: 419
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/ceiling.png

71.19.146.161

200 OK

318 B

URL GET HTTP/1.1
71.19.146.161/assets/ceiling.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 64 x 16, 8-bit/color RGB, non-interlaced
Size
318 B (318 bytes)
Hash
37c89da7fef25085a3d3a171c780d59e
6a0c7378bfbe135932c84031663232225a625d34
f74886048f9e2d6e9e5b464cbcc0897aba91c808c48728d00a41503c79858224

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ceiling.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:04 GMT
ETag: "13e-5834b79467600"
Accept-Ranges: bytes
Content-Length: 318
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/sky.png

71.19.146.161

200 OK

14 kB

URL GET HTTP/1.1
71.19.146.161/assets/sky.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 276 x 109, 8-bit colormap, non-interlaced
Size
14 kB (14052 bytes)
Hash
af68cb1bf0e5236a04de23fdbaf53255
4653b136e7161b3c431e8be984d5ea27023a2cf4
1d35f0acf2cf430b54210deccf5691efe638bb7d2366c139acaf6fb613e4abd1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sky.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:04 GMT
ETag: "36e4-5834b79467600"
Accept-Ranges: bytes
Content-Length: 14052
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/plane.png

71.19.146.161

200 OK

1.9 kB

URL GET HTTP/1.1
71.19.146.161/assets/plane.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 93 x 24, 8-bit colormap, non-interlaced
Size
1.9 kB (1871 bytes)
Hash
278443c4349fb179eb027aec20e4351e
c6fa16450c8e00c1444f0dcf402ab8c70e79857e
1dad23d50373551955d1cb22b4aa5ee780c69e697fd6dc0043c76515e60236ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plane.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:02 GMT
ETag: "74f-5834b7927f180"
Accept-Ranges: bytes
Content-Length: 1871
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/splash.png

71.19.146.161

200 OK

3.1 kB

URL GET HTTP/1.1
71.19.146.161/assets/splash.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 188 x 170, 8-bit colormap, non-interlaced
Size
3.1 kB (3149 bytes)
Hash
f493a597190929da3479bd0343e8cc94
2a1b0299be0d3e6db11e4992abfcaf4444e61d48
c196b0bdeff2ea63ed215198c361e2d60daf0c083daae21db6a2d1614b6772b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/splash.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:06 GMT
ETag: "c4d-5834b7964fa80"
Accept-Ranges: bytes
Content-Length: 3149
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/land.png

71.19.146.161

200 OK

6.1 kB

URL GET HTTP/1.1
71.19.146.161/assets/land.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 336 x 112, 8-bit colormap, non-interlaced
Size
6.1 kB (6097 bytes)
Hash
42c85d5fce24682c96667eb44663da30
05e80312713e8fc5bb936d47dbea6a621ec66b65
692a107eacf03eb08c02aabe986f62d9be375250d2a35135ca5e1412895766b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/land.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:04 GMT
ETag: "17d1-5834b79467600"
Accept-Ranges: bytes
Content-Length: 6097
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/sounds/sfx_wing.ogg

71.19.146.161

206 Partial Content

7.7 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_wing.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Ogg data, Vorbis audio, mono, 44100 Hz, ~110000 bps, created by: Xiph.Org libVorbis I (1.3.2)
Size
7.7 kB (7728 bytes)
Hash
e34cb4c6c2967438f5c0dc8b11de0663
400ef6d6efbefc9086276b40ecaf2265d883d399
b24398c3c87092f2ece69c88344e5555f91540e86db606f695e90d75db3ded9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_wing.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:30:58 GMT
ETag: "1e30-5834b78eae880"
Accept-Ranges: bytes
Content-Length: 7728
Content-Range: bytes 0-7727/7728
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/assets/sounds/sfx_point.ogg

71.19.146.161

206 Partial Content

13 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_point.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Ogg data, Vorbis audio, stereo, 44100 Hz, ~192000 bps, created by: Xiph.Org libVorbis I (1.3.2)
Size
13 kB (13235 bytes)
Hash
b881ed43f34017dfedd456cb5e3da40c
595591c9ee8f7c85478d154f0670ec4011f18d8b
72f0629053abc19b619794a8f7f69712c8f1d41def80dad2984bfa9ff1278430

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_point.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:00 GMT
ETag: "33b3-5834b79096d00"
Accept-Ranges: bytes
Content-Length: 13235
Content-Range: bytes 0-13234/13235
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/assets/sounds/sfx_die.ogg

71.19.146.161

206 Partial Content

19 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_die.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Ogg data, Vorbis audio, stereo, 44100 Hz, ~192000 bps, created by: Xiph.Org libVorbis I (1.3.2)
Size
19 kB (18942 bytes)
Hash
176090bc0ec6ccc238c065d898c653cb
03838bb8a6da40f142b238afda69fa39c0dca198
7820c7edfa811a9f83372603b5c6934054e3e86e29fdc3909955d4ef8c0f7680

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_die.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:00 GMT
ETag: "49fe-5834b79096d00"
Accept-Ranges: bytes
Content-Length: 18942
Content-Range: bytes 0-18941/18942
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/assets/sounds/sfx_swooshing.ogg

71.19.146.161

206 Partial Content

14 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_swooshing.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Ogg data, Vorbis audio, stereo, 44100 Hz, ~192000 bps, created by: Xiph.Org libVorbis I (1.3.2)
Size
14 kB (13697 bytes)
Hash
2573310c3ac9b0ddea6ab6e07a0adfe5
d0c63a3a4627cb06cfad3bb3c1f3fe06efce7826
7b45a18945358a18f02c04e4e09440cce4f707e89b73d5f1e8e88bc600eddce7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_swooshing.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:30:58 GMT
ETag: "3581-5834b78eae880"
Accept-Ranges: bytes
Content-Length: 13697
Content-Range: bytes 0-13696/13697
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/assets/sounds/sfx_hit.ogg

71.19.146.161

206 Partial Content

35 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_hit.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Ogg data, Vorbis audio, mono, 32000 Hz, ~92000 bps, created by: Xiph.Org libVorbis I (1.3.2)
Size
35 kB (35148 bytes)
Hash
2e266c30278cf26b724735844ba00b52
fe9f2ce7695ca145d8cf5919b66a45caa1522cce
d390eee1b003330b804f095be8d01c08d5fbd4efe9d35b7eff31726ee46ea952

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_hit.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:00 GMT
ETag: "894c-5834b79096d00"
Accept-Ranges: bytes
Content-Length: 35148
Content-Range: bytes 0-35147/35148
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/assets/sounds/nasheed.ogg

71.19.146.161

206 Partial Content

28 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/nasheed.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
data
Size
28 kB (28207 bytes)
Hash
6e7e4310cd353e4ce2a645cc06baabd3
f06cc41575f103ebf7d9cb3d7fda04d3d3ab1e9c
160a6d58fcc23dcf83fa560e422348dfb725d98195a11a5137bc775f05f72dae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/nasheed.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=3768320-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 11 Mar 2019 18:12:28 GMT
ETag: "39ee2f-583d583ea5b00"
Accept-Ranges: bytes
Content-Length: 28207
Content-Range: bytes 3768320-3796526/3796527
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/favicon.ico

71.19.146.161

404 Not Found

275 B

URL GET HTTP/1.1
71.19.146.161/favicon.ico
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
HTML document, ASCII text
Size
275 B (275 bytes)
Hash
9a10310081e12808f43fb6956a0280d8
1c1eea4c595f18e4a722460ef0f43c7834a29fdf
bebbb36dfb4493116e62c6067e3bc0ce61e6e7c6ac5c26fb82d41c9832c55ded

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 25 Apr 2024 19:52:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 275
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

71.19.146.161/assets/sounds/nasheed.ogg

71.19.146.161

206 Partial Content

3.8 MB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/nasheed.ogg
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
data
Size
3.8 MB (3763759 bytes)
Hash
1f4a92e6b1d35402fb1a24d87ad8a41b
709f3b31a030dcfb345ff3b5e692d8afe7c3d654
c407d416c3d99faf5d465e0b37b7dc58b2207fbf78822263a3f120f45ef02cd5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/nasheed.ogg HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=32768-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:52:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 11 Mar 2019 18:12:28 GMT
ETag: "39ee2f-583d583ea5b00"
Accept-Ranges: bytes
Content-Length: 3763759
Content-Range: bytes 32768-3796526/3796527
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: audio/ogg

71.19.146.161/assets/font_big_0.png

71.19.146.161

200 OK

121 B

URL GET HTTP/1.1
71.19.146.161/assets/font_big_0.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 24 x 36, 8-bit/color RGBA, non-interlaced
Size
121 B (121 bytes)
Hash
3fc6179ec7ba27f350135c509408cc50
09ed84f76c6021f022b1061d1d3a99dede9e0946
0d4875d96d46288862228d4fa823d0269343f55ad6064d10a64c27d92309d9ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/font_big_0.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:53:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:30:58 GMT
ETag: "79-5834b78eae880"
Accept-Ranges: bytes
Content-Length: 121
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/sounds/sfx_wing.mp3

71.19.146.161

206 Partial Content

9.2 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_wing.mp3
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural
Size
9.2 kB (9172 bytes)
Hash
94b80d63230b88ded36b20095589efd4
afae70e977c7a24894902e3c873ec164d1e272e6
e233b14a4b75889dcef9d8626d167d6a9ad1222ad8a8d05615c90b38f936f132

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_wing.mp3 HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:53:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:30:58 GMT
ETag: "23d4-5834b78eae880"
Accept-Ranges: bytes
Content-Length: 9172
Content-Range: bytes 0-9171/9172
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg

71.19.146.161/assets/pipe.png

71.19.146.161

200 OK

3.9 kB

URL GET HTTP/1.1
71.19.146.161/assets/pipe.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 52 x 81, 8-bit colormap, non-interlaced
Size
3.9 kB (3851 bytes)
Hash
7af55a387820ed0da99f315b2e0cc150
9ab66338486eff4ea5b67f7c8b45b729f1db5849
a189a9aa2de418c9b330b98a7a12fe6887a5b99421a66fcea328e8d7150aa39c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pipe.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:53:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:06 GMT
ETag: "f0b-5834b7964fa80"
Accept-Ranges: bytes
Content-Length: 3851
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/pipe-up.png

71.19.146.161

200 OK

1.1 kB

URL GET HTTP/1.1
71.19.146.161/assets/pipe-up.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 52 x 22, 8-bit colormap, non-interlaced
Size
1.1 kB (1098 bytes)
Hash
377dad05ad973f9b064ed02ae437a547
048bf0fd1700e27a35831f53e072cd9562918856
b81ba951a47748c71fa0014f815cc06fa22bbf7a4dfc32ecb2afb735deefb108

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pipe-up.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:53:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:02 GMT
ETag: "44a-5834b7927f180"
Accept-Ranges: bytes
Content-Length: 1098
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/pipe-down.png

71.19.146.161

200 OK

1.1 kB

URL GET HTTP/1.1
71.19.146.161/assets/pipe-down.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 52 x 22, 8-bit colormap, non-interlaced
Size
1.1 kB (1088 bytes)
Hash
c9409099e171f603e7d9d1fb10c72f6e
3197077e7de23466750fd1a96609dd3586132786
b19af4dce9ed513d7e3e287c3990cf3f29b08eb4169a129d76b84c1a1b810483

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pipe-down.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:53:02 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:06 GMT
ETag: "440-5834b7964fa80"
Accept-Ranges: bytes
Content-Length: 1088
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/sounds/nasheed.mp3

71.19.146.161

206 Partial Content

55 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/nasheed.mp3
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo
Size
55 kB (54876 bytes)
Hash
bb710222cf6dae43613b42ff1f1db29a
c41be0a6b88099c3a62a14d3a4f7a6d72108d5bc
d7b82d8b20fc62f9be047f1e91a3e615b28f20fc13e7c335ece9d7c4f6a85f89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/nasheed.mp3 HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:53:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 27 Nov 2017 06:27:36 GMT
ETag: "3f5c10-55ef0ff8ac600"
Accept-Ranges: bytes
Content-Length: 4152336
Content-Range: bytes 0-4152335/4152336
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg

71.19.146.161/assets/explosion.png

71.19.146.161

200 OK

10 kB

URL GET HTTP/1.1
71.19.146.161/assets/explosion.png
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
PNG image data, 188 x 142, 8-bit colormap, non-interlaced
Size
10 kB (10374 bytes)
Hash
cfb5fcd840058f1bb1201ee6e38b5e5e
72c286fd00db8feaa16d836960e9e2e9a9aaa724
d9634ea8e586aa2dc0a60d148633677fba32228b308052b07e3d10ac8b28144e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/explosion.png HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 19:53:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:31:02 GMT
ETag: "2886-5834b7927f180"
Accept-Ranges: bytes
Content-Length: 10374
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

71.19.146.161/assets/sounds/sfx_hit.mp3

71.19.146.161

206 Partial Content

31 kB

URL GET HTTP/1.1
71.19.146.161/assets/sounds/sfx_hit.mp3
IP
71.19.146.161:80
ASN
#47066 PRGMR

Requested by
http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 96 kbps, 32 kHz, Monaural
Size
31 kB (30776 bytes)
Hash
f505f7c0c8daed7a96e70d7fd39557e2
de4c7aa758b076a611cb912091b83d7bb55da36f
f20dc1435d3d681d30de2d43f05448a74b6573c0f3fd4828dfc65c242bc1175f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sounds/sfx_hit.mp3 HTTP/1.1
Host: 71.19.146.161
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://71.19.146.161/?fbclid=IwZXh0bgNhZW0CMTEAAR2ngl7ON54VINZIAjCg6oOvYCJY9VWyoEPSM4OTeq52F1mUtOYmkn9PxMc_aem_AZWgKsZJU4YXT2I-B8cL85TrF6fhfCfEQLbr2TBfzzjPkt8if_ZFdXjmo_zBzT3DZDdrUHxphvjkwxuRIk4J2xBw&mibextid=xfxF2i
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Date: Thu, 25 Apr 2024 19:53:07 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 04 Mar 2019 21:30:56 GMT
ETag: "7838-5834b78cc6400"
Accept-Ranges: bytes
Content-Length: 30776
Content-Range: bytes 0-30775/30776
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (29)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1