fonts.googleapis.com/css?family=Open+Sans%3A400%2C300&ver=5.7.2 | 142.250.74.106 | 200 OK | 1.6 kB
URL: GET HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A400%2C300&ver=5.7.2
IP: 142.250.74.106:80
Requested by: http://3.110.191.226/shts/index.php
File type: ASCII text, with very long lines (1572)
Hash (MD5 / SHA-1 / SHA-256): 649e53d4112abea0cd414ee6cd75aaad 5660a64ca4d78eb20c028997b540e4f863f6237c 0bf77f61cf6ccf765328476a0a3e5f7ae9b955f49dfff83ea86c68c42dec4ad0
GET /css?family=Open+Sans%3A400%2C300&ver=5.7.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 26 Apr 2024 09:23:24 GMT
Date: Fri, 26 Apr 2024 09:23:24 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js | 104.17.24.14 | 200 OK | 6.7 kB
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
IP: 104.17.24.14:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (21084)
Hash (MD5 / SHA-1 / SHA-256): 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 6696
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5309"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1238570
expires: Wed, 16 Apr 2025 09:23:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKN7tSzE6OZoC8NCfSBgEiDa4Py%2FrNtpNe68IG7zEb5W33pMnFfKtTgZi00IE%2BGwtH%2B2JIdMoAouNNFPaliXgxXXdxIs17Lyf%2B1XMEHFN44p6lD%2FCYzjND9BI8klO2YTImA0zRYO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a5838f0c6b568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.17.24.14:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash (MD5 / SHA-1 / SHA-256): 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:24 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 916889
expires: Wed, 16 Apr 2025 09:23:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDREXJPrLx5imbRXTGsVSmClMh2XTJh3kPdG%2BfGdts8OtynLLxH2LY2n5irBK%2FDSnXaQxI6ShND7Aoehgs%2BBEAhBLmrKJSNDATW5QHNWJVIR4ZFZR2Dn%2FW9Lwdat7U0dBm6oLRZM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a5838f1e32712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 216.58.207.202 | 200 OK | 31 kB
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP: 216.58.207.202:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Certificate validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash (MD5 / SHA-1 / SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:06:13 GMT
expires: Sat, 26 Apr 2025 06:06:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 11831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-11107369980 | 142.250.74.72 | 200 OK | 81 kB
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-11107369980
IP: 142.250.74.72:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
Certificate validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash (MD5 / SHA-1 / SHA-256): 30677e001872bc2f58fcffa280a54deb c7f663805176e4f498da8c24f64b2604027239f4 78624495135a5ff89d8e960d0ac7a0da15717aff60ccd899b13d2c0df7862754
GET /gtag/js?id=AW-11107369980 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 09:23:24 GMT
expires: Fri, 26 Apr 2024 09:23:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.110.191.226/shts/index.php | 3.110.191.226 |  | 70 kB
URL: User Request GET 3.110.191.226/shts/index.php
IP: 3.110.191.226:0
File type: HTML document, Unicode text, UTF-8 text, with very long lines (877), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): e3878bb4bd7e3353345edd202dc54c1f 816c4e1fbbe19e1b74314bcffe428cb2dfa8b724 6c757d2e985ffae258725878b3453af8dbf39f686043bd6064ddc6bf408b370d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/index.php HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
X-Powered-By: PHP/8.0.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

3.110.191.226/shts/wp-content/themes/homesite17/style9f31.css?ver=5.7.2 | 3.110.191.226 | 200 OK | 393 B
URL: GET HTTP/1.1 3.110.191.226/shts/wp-content/themes/homesite17/style9f31.css?ver=5.7.2
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): a23b1b1b7256f2d11d7ab0fa73312b62 25eef03e16fdf5963366798830c51615032ac2ef ae9abde8bdd2b083234e341d4f5affc6c7c0099616a4acf89999c7c85f9260c4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/wp-content/themes/homesite17/style9f31.css?ver=5.7.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:49 GMT
ETag: "189-5f69458cd94a9"
Accept-Ranges: bytes
Content-Length: 393
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0 | 3.110.191.226 | 200 OK | 283 B
URL: GET HTTP/1.1 3.110.191.226/shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 9dc21dc34925b1d709f685941eeba071 3ae42522c133ba7fe59aa7b83554e8bd2f5ab556 ad342c2f62a4026d1a98239915e8ade57d8aab060626d322caf0bbcd581bd5e1
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:25 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:48 GMT
ETag: "11b-5f69458c52866"
Accept-Ranges: bytes
Content-Length: 283
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

3.110.191.226/shts/wp-includes/css/dist/block-library/style.min9f31.css?ver=5.7.2 | 3.110.191.226 | 200 OK | 58 kB
URL: GET HTTP/1.1 3.110.191.226/shts/wp-includes/css/dist/block-library/style.min9f31.css?ver=5.7.2
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: Unicode text, UTF-8 text, with very long lines (29677), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 9109378c922f39ec6ad95cdb5d2dc366 147cc10f3bb0770c754c0c7291ccca9070b18e8c 85e9ab110df230d8c7cbcd1c0e91c1b0eca359fd603e257963c2590a62d566d1
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/wp-includes/css/dist/block-library/style.min9f31.css?ver=5.7.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:53 GMT
ETag: "e345-5f69459190540"
Accept-Ranges: bytes
Content-Length: 58181
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2 | 3.110.191.226 | 200 OK | 11 kB
URL: GET HTTP/1.1 3.110.191.226/shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JavaScript source, ASCII text, with very long lines (11126), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 84cf3d32b3d78abe75d6f5e9f8354dcc a0eafbfb48cdcaa246b58346cd7ebfd67458adf3 d301bad6e867bd0803600fb51a818a777655abe5513a2e9ac1128502d93f09ac
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:25 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:49 GMT
ETag: "2bda-5f69458cd65c9"
Accept-Ranges: bytes
Content-Length: 11226
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

3.110.191.226/shts/wp-content/plugins/awesome-weather-pro/awesome-weather9f31.css?ver=5.7.2 | 3.110.191.226 | 200 OK | 44 kB
URL: GET HTTP/1.1 3.110.191.226/shts/wp-content/plugins/awesome-weather-pro/awesome-weather9f31.css?ver=5.7.2
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: ASCII text, with very long lines (24950), with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 6691e19e4ff1bdc6b1fe310cffd16839 299a9d40084f645825347e387779767da54e1b72 a16282cb1eba5ac3fb6f983c79acb7a7c57c0f3fe515a1d236d5a22323e54da2
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/wp-content/plugins/awesome-weather-pro/awesome-weather9f31.css?ver=5.7.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:48 GMT
ETag: "adb6-5f69458c52866"
Accept-Ranges: bytes
Content-Length: 44470
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/js/multislider.js | 3.110.191.226 | 200 OK | 14 kB
URL: GET HTTP/1.1 3.110.191.226/shts/js/multislider.js
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash (MD5 / SHA-1 / SHA-256): 61d6de3a2ef7016faf0d13a6cb800d79 b34833e85457f6369beb5bb944a2f5eb8dedb334 26b96d51e0d272f05c290d2f73d2307ea3b276f79664ac25ed95c9787eea1367
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/js/multislider.js HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:25 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:47 GMT
ETag: "384a-5f69458b1fe21"
Accept-Ranges: bytes
Content-Length: 14410
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

3.110.191.226/shts/css/bootstrap.css | 3.110.191.226 | 200 OK | 196 kB
URL: GET HTTP/1.1 3.110.191.226/shts/css/bootstrap.css
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: ASCII text, with very long lines (570), with CRLF line terminators
Size: 196 kB (196045 bytes)
Hash (MD5 / SHA-1 / SHA-256): bc56452716e11a3ddb10d4af06d78a8a c45652aa2fb56e90d65ef99f9a95d66d7fe15405 bee461a6b51e0d27c01f9de0721127d3e65ef6bb0392d496e7253b7e0fe5f2fe
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/css/bootstrap.css HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:39 GMT
ETag: "2fdcd-5f694583a2e1c"
Accept-Ranges: bytes
Content-Length: 196045
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/wp-content/themes/homesite17/css/master.minb5ff.css?ver=2021.04.15.11.26 | 3.110.191.226 | 200 OK | 671 kB
URL: GET HTTP/1.1 3.110.191.226/shts/wp-content/themes/homesite17/css/master.minb5ff.css?ver=2021.04.15.11.26
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: Unicode text, UTF-8 text, with very long lines (28703), with CRLF line terminators
Size: 671 kB (670939 bytes)
Hash (MD5 / SHA-1 / SHA-256): 4afa27d7612a54e1c32b00803d6d696e 9013b4826065bd48c8723edad9689797c56d7106 e649f452077806db799e61f44725e891beb2e0e42f99374cf3271d2f4b8dc2e0
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/wp-content/themes/homesite17/css/master.minb5ff.css?ver=2021.04.15.11.26 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:50 GMT
ETag: "a3cdb-5f69458e97951"
Accept-Ranges: bytes
Content-Length: 670939
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.googletagmanager.com/gtag/js?id=AW-11107369980 | 142.250.74.72 | 200 OK | 81 kB
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-11107369980
IP: 142.250.74.72:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: FC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
Certificate validity: Mon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash (MD5 / SHA-1 / SHA-256): e14a2102e8081390a5eb555ed45aa07f 9a2ff41a03a81f501bf007b9c628ffaed84a0723 0191f045783803a6caff7499cfd90db24bd67e0ed4a3b83f7f1081adbc35027e
GET /gtag/js?id=AW-11107369980 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 09:23:26 GMT
expires: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.24.14 | 200 OK | 77 kB
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.17.24.14:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash (MD5 / SHA-1 / SHA-256): af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:26 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4982622
expires: Wed, 16 Apr 2025 09:23:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3so9UY7vQBGhQXzeoPfAGnzhOatKH6pImW8wBBbLsamveEqyV4iAqRlEituim6uP%2BQxiidcGoJJLUozvX3ASqj%2BHsd0BTtyGPfsLhLLBTyAZT%2FE0wKgYL6KabBVm5ewOfrCy6HK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a5839c6ae3712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

3.110.191.226/shts/images/DY-Patil-University-Logo.png | 3.110.191.226 | 200 OK | 16 kB
URL: GET HTTP/1.1 3.110.191.226/shts/images/DY-Patil-University-Logo.png
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: PNG image data, 200 x 76, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 749a495ba647b69cdc9c79be5a0aedb6 19c65012621a937af8cd7d9fb86bce3beec2fa1a eb17a2ad5ec4bb69bbf638d5d51ba540789603e49d258fc2181da096895da431
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/images/DY-Patil-University-Logo.png HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:42 GMT
ETag: "3c84-5f6945870af4d"
Accept-Ranges: bytes
Content-Length: 15492
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

3.110.191.226/shts/images/home-3.jpg | 3.110.191.226 | 200 OK | 45 kB
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-3.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hash (MD5 / SHA-1 / SHA-256): 897371270f6e95360405d2083b6fee25 fc92a817c176a8e048fd95a2a97065b8d2f0c74e dfc1dc65cc66c407bab458ca4a28f8d7c19dd7ff25c9f79a7a2d6ec891df698c
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/images/home-3.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "b0f4-5f6945885fc73"
Accept-Ranges: bytes
Content-Length: 45300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/home-7.jpg | 3.110.191.226 | 200 OK | 36 kB
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-7.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hash (MD5 / SHA-1 / SHA-256): 844fc712eab36efbdf4ffa7584dbcd2e 152ff1b42467a8fde335e59b98e4f35b651b636f 4ad74e937718f4915450b2780704073d6811ee4e99f9f3ecc3698f71a62d6ed0
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /shts/images/home-7.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "8aaa-5f69458874494"
Accept-Ranges: bytes
Content-Length: 35498
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i | 142.250.74.106 | 200 OK | 15 kB
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
IP: 142.250.74.106:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
Certificate validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Hash (MD5 / SHA-1 / SHA-256): de71be8cb2f1519b876d928264a5c0d9 50759345ad442d6157df11ec341cdfb36019de4a f64c7f5eeb720bab5e5e2dbc20b3f13acbe6ad454eb0fb0a9a148d8bad64183c
GET /css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:23:26 GMT
date: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 | 142.250.74.131 | 200 OK | 14 kB
URL: GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
IP: 142.250.74.131:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14188, version 1.0
Hash (MD5 / SHA-1 / SHA-256): eb0aa55d4737c1ad19e5d9e5d3f0efbf f909e7fff1d5be6f308912d5c407ae618ba53d9c aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:15 GMT
expires: Sat, 26 Apr 2025 05:53:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:53:03 GMT
content-type: font/woff2
age: 12611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | 142.250.74.131 | 200 OK | 15 kB
URL: GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP: 142.250.74.131:443
Requested by: http://3.110.191.226/shts/index.php
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Hash (MD5 / SHA-1 / SHA-256): 9ec6deaf6bada919e20b98f9f7b718b1 501d36403ad8205e4644532600019ecb10f5cb0a 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:19:22 GMT
expires: Sat, 26 Apr 2025 06:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 11044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP: 142.250.74.131:443
Requested by: http://3.110.191.226/shts/index.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Hashes: MD5 3afeae0d768769f5e5f30ac9805c5b70; SHA-1 3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d; SHA-256 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:02 GMT
expires: Sat, 26 Apr 2025 05:55:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 12504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP: 142.250.74.131:443
Requested by: http://3.110.191.226/shts/index.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14824, version 1.0
Hashes: MD5 48598bad30f08e1c3eb3d0e69b420bd5; SHA-1 28c2cf160273c2062f909a875c4b4c0541ee2f84; SHA-256 ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:21:59 GMT
expires: Fri, 25 Apr 2025 17:21:59 GMT
cache-control: public, max-age=31536000
age: 57687
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2 | 142.250.74.131 | 200 OK | 14 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
IP: 142.250.74.131:443
Requested by: http://3.110.191.226/shts/index.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 14200, version 1.0
Hashes: MD5 8189fc633208846686eec91ea316d6fe; SHA-1 ce99a5d3a3e51ea1166de5e664265db6f7783449; SHA-256 fae9ee8da96ba004f96a5719e3cd323b3248c49a28e56777ce829900d50929ed
GET /s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:58 GMT
expires: Sat, 26 Apr 2025 05:54:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:54 GMT
content-type: font/woff2
age: 12508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| 3.110.191.226/siteimproveanalytics.com/js/siteanalyze_80352.js | 3.110.191.226 | 404 Not Found | 196 B |
URL: GET HTTP/1.1 3.110.191.226/siteimproveanalytics.com/js/siteanalyze_80352.js
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: HTML document, ASCII text
Hashes: MD5 62962daa1b19bbcc2db10b7bfd531ea6; SHA-1 d64bae91091eda6a7532ebec06aa70893b79e1f8; SHA-256 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /siteimproveanalytics.com/js/siteanalyze_80352.js HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Content-Length: 196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

| 3.110.191.226/shts/images/home-6.jpg | 3.110.191.226 | 200 OK | 40 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-6.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hashes: MD5 bfc01be1f7865f1db6acd50f6cb78992; SHA-1 63ce091210d9db25535adc55d92fe935f052fcc8; SHA-256 27434b8796c47d3410bc026fded7b24c1ca5f3c9dbca026790fe642769f58b33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/home-6.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "9dd2-5f69458870614"
Accept-Ranges: bytes
Content-Length: 40402
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/wp-content/uploads/2021/07/20210527_Stanford_OvalDJI_0037-DG-scaled.jpg | 3.110.191.226 | 200 OK | 219 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/wp-content/uploads/2021/07/20210527_Stanford_OvalDJI_0037-DG-scaled.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:03:07 13:25:50], progressive, precision 8, 1280x1100, components 3
Size: 219 kB (218801 bytes)
Hashes: MD5 d682eea39715fc5c8d3064da6349b959; SHA-1 da7e72741c020b65a1ea0c78e89501932eb80996; SHA-256 2698b547e9428c98ca0d20894d78a7dc61ac89721b841432e0daadd73cac207e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/wp-content/uploads/2021/07/20210527_Stanford_OvalDJI_0037-DG-scaled.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:53 GMT
ETag: "356b1-5f6945913969e"
Accept-Ranges: bytes
Content-Length: 218801
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/images/footer2.png | 3.110.191.226 | 200 OK | 93 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/footer2.png
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: PNG image data, 185 x 200, 8-bit/color RGBA, non-interlaced
Hashes: MD5 12181b3ef9bf65bcfc45cde58d1cceca; SHA-1 3d7108a336391d8d05250736beff697e7fd0cf9f; SHA-256 df8330bdc3f2e22ea0e9a9cb8eeff524edfffb629292be50daa6d4dda8ca9826
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/footer2.png HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "16bae-5f69458862b53"
Accept-Ranges: bytes
Content-Length: 93102
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

| 3.110.191.226/shts/images/home-1.jpg | 3.110.191.226 | 200 OK | 120 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-1.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size: 120 kB (120010 bytes)
Hashes: MD5 b19d927e3e56061b6b9b066909bd2ee9; SHA-1 ffc223a40d6670941b07eabff98cff0d700a2cd8; SHA-256 23645aba5a662f272490f996370f2df32cce8afb449349bbd1079397db7681a0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/home-1.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "1d4ca-5f6945884d393"
Accept-Ranges: bytes
Content-Length: 120010
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/images/home-4.jpg | 3.110.191.226 | 200 OK | 50 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-4.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hashes: MD5 886ee4dbf3d9903212a12db0954bf3ce; SHA-1 1b53db4ba1f85b3e9e9807c48c54c6edae0d6c22; SHA-256 b6c1bf3f092c8625e6809be41bf4a9d3017e9e88e2a57c7d1a399bd13b0dfef6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/home-4.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "c53a-5f69458867973"
Accept-Ranges: bytes
Content-Length: 50490
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/images/home-2.jpg | 3.110.191.226 | 200 OK | 68 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-2.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hashes: MD5 812b87a3d058be383b98ae4ac91344bf; SHA-1 41715a98ca4de150b24172b4124ad841206e0394; SHA-256 9f3c72c9f9ebbb9d5494a6725a8fde4983b9d1aa6af028d4eb3b8becd1de077c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/home-2.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "10854-5f69458856033"
Accept-Ranges: bytes
Content-Length: 67668
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/images/home-5.jpg | 3.110.191.226 | 200 OK | 60 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-5.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hashes: MD5 ce2c315174089113c7d75ff24c5b3d94; SHA-1 41dcdb389ef88b03d1de32dc8844739c1c311399; SHA-256 1a04427215b82b68d497dde68ab7cddf370846984a2d9cc41d6f1766e1af96e8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/home-5.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "ea82-5f6945886c793"
Accept-Ranges: bytes
Content-Length: 60034
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/images/home-8.jpg | 3.110.191.226 | 200 OK | 52 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/home-8.jpg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Hashes: MD5 b749aafda185d3ba71bf88fc2a5c9ee2; SHA-1 0961a15ef45f00ef86646280997d2710050142d0; SHA-256 5a7e8e066eb91505b1c70a703432e6a1e03507b0df2e9cae89588f5520222a9a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/home-8.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "cb2f-5f694588792b4"
Accept-Ranges: bytes
Content-Length: 52015
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/shts/images/brew-with-the-starbucks-crew.jpeg | 3.110.191.226 | 200 OK | 273 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/brew-with-the-starbucks-crew.jpeg
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1081x1080, components 3
Size: 273 kB (272552 bytes)
Hashes: MD5 f78ad09f9c557ad9bab894d8072140cd; SHA-1 fdcd560c9c044da5be62fd774a3accaf45187f06; SHA-256 55d7119c7d9d81e4e395beeb70fbf3805b253de52d99959302b8a143d3555f5a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/brew-with-the-starbucks-crew.jpeg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:41 GMT
ETag: "428a8-5f6945856ed85"
Accept-Ranges: bytes
Content-Length: 272552
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

| 3.110.191.226/favicon.ico | 3.110.191.226 | 404 Not Found | 196 B |
URL: GET HTTP/1.1 3.110.191.226/favicon.ico
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: HTML document, ASCII text
Hashes: MD5 62962daa1b19bbcc2db10b7bfd531ea6; SHA-1 d64bae91091eda6a7532ebec06aa70893b79e1f8; SHA-256 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Cookie: _gcl_au=1.1.1604481614.1714123407
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Content-Length: 196
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

| 3.110.191.226/shts/images/newspaper.png | 3.110.191.226 | 200 OK | 964 kB |
URL: GET HTTP/1.1 3.110.191.226/shts/images/newspaper.png
IP: 3.110.191.226:80
Requested by: http://3.110.191.226/shts/index.php
File type: PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced
Size: 964 kB (963746 bytes)
Hashes: MD5 33858d4a1e364e7cb6f98e9e71c776a6; SHA-1 55363f244d33570c4ce192112e9a80075cdeed77; SHA-256 1522610dfe7d9af072d4f810d15750ce58ed67da08e893d3a5fce32396d64278
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /shts/images/newspaper.png HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:45 GMT
ETag: "eb4a2-5f6945891f2f7"
Accept-Ranges: bytes
Content-Length: 963746
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

| fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700 | 142.250.74.106 | 200 OK | 3.9 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700
IP: 142.250.74.106:443
Requested by: http://3.110.191.226/shts/index.php
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: gzip compressed data, max compression
Hashes: MD5 3d764ea9ee2122f2109c4463658bb4cc; SHA-1 425fbc40dc78dde32f55c62f08eaeb680a9ebeef; SHA-256 1b3b06bb384b2d5e238fc6e42c8116392ab52c2173fd7943650e341d0c83f000
GET /css?family=Source+Serif+Pro:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:23:26 GMT
date: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| fonts.googleapis.com/css?family=Source+Code+Pro | 142.250.74.106 | 200 OK | 2.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Source+Code+Pro
IP: 142.250.74.106:443
Requested by: http://3.110.191.226/shts/index.php
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (2534), with no line terminators
Hashes: MD5 a96f9c37e757f013b86a2c9a3fd2376e; SHA-1 1b2590132151f7292ecec971ffe0d3d3c17e4cdd; SHA-256 5176fd89e3af64edafea9f159fcd0ebfa7a6affa4e4d98e6f8644fcc5854ce6f
GET /css?family=Source+Code+Pro HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:23:26 GMT
date: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 60 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP: 104.18.10.207:443
Requested by: http://3.110.191.226/shts/index.php
Certificate: Issuer Google Trust Services LLC; Subject bootstrapcdn.com; Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: JavaScript source, ASCII text, with very long lines (59765)
Hashes: MD5 02d223393e00c273efdcb1ade8f4f8b1; SHA-1 0cc93b8421d89c24a889642428b363cb831de78a; SHA-256 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 09/17/2023 22:21:35
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7f9c470a6349644c490ab0e58dbcefa0
cdn-cache: HIT
cf-cache-status: HIT
age: 13065591
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a5838f1b59569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2