Report - 3.110.191.226/shts/index.php

Report Overview

Submitted URL
3.110.191.226/shts/index.php
IP
3.110.191.226
ASN
#16509 AMAZON-02
Submitted
2024-04-26 09:23:51
Access
public
Website Title
D Y Patil University
Final URL
3.110.191.226/shts/index.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	2.7 kB	77 kB	142.250.74.131
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-25	432 B	61 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	1.7 kB	26 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	1.5 kB	92 kB	104.17.24.14
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-25	427 B	32 kB	216.58.207.202
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	856 B	163 kB	142.250.74.72
3.110.191.226	unknown	unknown	No data	No data	9.0 kB	3.1 MB	3.110.191.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed
2024-04-26	medium	3.110.191.226	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	3.110.191.226/shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0	283 B	2024-04-26	2024-04-26
Pretty URL 3.110.191.226/shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0 IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 11:24:00 Last Seen2024-04-26 11:24:01 Times Seen2 Hash 9dc21dc34925b1d709f685941eeba071 3ae42522c133ba7fe59aa7b83554e8bd2f5ab556 ad342c2f62a4026d1a98239915e8ade57d8aab060626d322caf0bbcd581bd5e1 Loading...

	3.110.191.226/shts/index.php	155 B	2024-04-26	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 11:24:00 Last Seen2024-04-26 11:24:00 Times Seen1 Hash 521a84b162b3d3052be43d16080a924a 3c4386a9bca0f2ce6a71a8c2da0b9882f27dc023 3a5740dcb6f7a7583c3fa06325885e12472da74b391856eb47728877d6e135d7 Loading...

	3.110.191.226/shts/index.php	144 B	2024-04-26	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 11:24:01 Last Seen2024-04-26 11:24:01 Times Seen1 Hash a94676fd81e4d46b83d7ff4b57e5f732 6592e303c000cf50dfbf418b3ef908bf40bf797d e70c699f3e0efa1f62a76f091c1d3a279195cf50c3d5126067eecec7a31f1091 Loading...

	3.110.191.226/shts/index.php	158 B	2024-04-26	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 11:24:01 Last Seen2024-04-26 11:24:01 Times Seen1 Hash 52af34595257614e92eba5abd388e5d2 055038af11298b792daf3fdafc6c4820a74483cd e90fd81a67393dcb1ed905cc44036be2863516dbdc2fd3c378035ffa2b19ad33 Loading...

	www.googletagmanager.com/gtag/js?id=AW-11107369980	226 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=AW-11107369980 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 11:24:01 Last Seen2024-04-26 11:24:01 Times Seen2 Hash e14a2102e8081390a5eb555ed45aa07f 9a2ff41a03a81f501bf007b9c628ffaed84a0723 0191f045783803a6caff7499cfd90db24bd67e0ed4a3b83f7f1081adbc35027e Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js	60 kB	2023-03-07	2024-05-05
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:50 Last Seen2024-05-05 20:11:37 Times Seen7527 Hash 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Loading...

	3.110.191.226/shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2	11 kB	2023-03-07	2024-05-03
Pretty URL 3.110.191.226/shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2 IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:45:05 Last Seen2024-05-03 08:26:56 Times Seen232 Hash 84cf3d32b3d78abe75d6f5e9f8354dcc a0eafbfb48cdcaa246b58346cd7ebfd67458adf3 d301bad6e867bd0803600fb51a818a777655abe5513a2e9ac1128502d93f09ac Loading...

	3.110.191.226/shts/index.php	154 B	2023-03-09	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 11:28:49 Last Seen2024-04-26 11:24:01 Times Seen6 Hash a187d42875b99ce67201e78d8dc03470 f50b1c8d03f75cc9d57c316c468a5be89e4bfc4e 0bcae4b19dced5e5bbe1dac871cadd838ba93fcd57bf583b0c4a0d77a3706e3a Loading...

	3.110.191.226/shts/index.php	84 B	2023-03-11	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 20:44:27 Last Seen2024-04-26 11:24:01 Times Seen17 Hash 88c05b9cba3966c398a0891b5dfeffbe b157e727d7951b8d5a70446c0b282fabc5c168ce edcd3e07f922d8236907a21d8af5a6390c1649a3ab1566101883c0488d21cf2f Loading...

	www.googletagmanager.com/gtag/js?id=AW-11107369980	226 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=AW-11107369980 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 11:24:01 Last Seen2024-04-26 11:24:01 Times Seen2 Hash 30677e001872bc2f58fcffa280a54deb c7f663805176e4f498da8c24f64b2604027239f4 78624495135a5ff89d8e960d0ac7a0da15717aff60ccd899b13d2c0df7862754 Loading...

	3.110.191.226/shts/js/multislider.js	14 kB	2023-08-26	2024-04-26
Pretty URL 3.110.191.226/shts/js/multislider.js IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-26 05:39:38 Last Seen2024-04-26 11:24:01 Times Seen4 Hash 61d6de3a2ef7016faf0d13a6cb800d79 b34833e85457f6369beb5bb944a2f5eb8dedb334 26b96d51e0d272f05c290d2f73d2307ea3b276f79664ac25ed95c9787eea1367 Loading...

	3.110.191.226/shts/index.php	84 B	2024-04-26	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 11:24:01 Last Seen2024-04-26 11:24:01 Times Seen1 Hash 231f38b3fa5d7da835800e02875988a9 e67884d61aa614674c0e755e9bde3c2d3525aa07 6a60e4247198a38037b6f98d1a5b9959b628da69f88310df8fe6b962f52c6644 Loading...

	3.110.191.226/shts/index.php	437 B	2024-04-26	2024-04-26
Pretty URL 3.110.191.226/shts/index.php IP 3.110.191.226 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 11:24:01 Last Seen2024-04-26 11:24:01 Times Seen1 Hash 5a85143117275d58cec457bbe929ed27 3b069abd54fc7050b3991b03ff8632c90619dc93 1a0f403dfbc46cf49cf35da08ebf7758c018b5439c14ce69403450fb1efe8173 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-06
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-06 14:53:55 Times Seen141676 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js	21 kB	2023-03-07	2024-05-06
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-05-06 10:39:13 Times Seen10686 Hash 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Loading...

HTTP Transactions (40)

URL IP Response Size

fonts.googleapis.com/css?family=Open+Sans%3A400%2C300&ver=5.7.2

142.250.74.106

200 OK

1.6 kB

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans%3A400%2C300&ver=5.7.2
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php

File type
ASCII text, with very long lines (1572)
Size
1.6 kB (1579 bytes)
Hash
649e53d4112abea0cd414ee6cd75aaad
5660a64ca4d78eb20c028997b540e4f863f6237c
0bf77f61cf6ccf765328476a0a3e5f7ae9b955f49dfff83ea86c68c42dec4ad0

HTTP Headers

GET /css?family=Open+Sans%3A400%2C300&ver=5.7.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 26 Apr 2024 09:23:24 GMT
Date: Fri, 26 Apr 2024 09:23:24 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js

104.17.24.14

200 OK

6.7 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21084)
Size
6.7 kB (6696 bytes)
Hash
84415b7368fd6fc764cbe86039ce0626
62f238e73348c77eb9e865426a7d1b7de23cbb2d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

HTTP Headers

GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 6696
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5309"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1238570
expires: Wed, 16 Apr 2025 09:23:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKN7tSzE6OZoC8NCfSBgEiDa4Py%2FrNtpNe68IG7zEb5W33pMnFfKtTgZi00IE%2BGwtH%2B2JIdMoAouNNFPaliXgxXXdxIs17Lyf%2B1XMEHFN44p6lD%2FCYzjND9BI8klO2YTImA0zRYO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a5838f0c6b568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:24 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 916889
expires: Wed, 16 Apr 2025 09:23:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BDREXJPrLx5imbRXTGsVSmClMh2XTJh3kPdG%2BfGdts8OtynLLxH2LY2n5irBK%2FDSnXaQxI6ShND7Aoehgs%2BBEAhBLmrKJSNDATW5QHNWJVIR4ZFZR2Dn%2FW9Lwdat7U0dBm6oLRZM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a5838f1e32712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:06:13 GMT
expires: Sat, 26 Apr 2025 06:06:13 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 11831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-11107369980

142.250.74.72

200 OK

81 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=AW-11107369980
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
81 kB (80722 bytes)
Hash
30677e001872bc2f58fcffa280a54deb
c7f663805176e4f498da8c24f64b2604027239f4
78624495135a5ff89d8e960d0ac7a0da15717aff60ccd899b13d2c0df7862754

HTTP Headers

GET /gtag/js?id=AW-11107369980 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 09:23:24 GMT
expires: Fri, 26 Apr 2024 09:23:24 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.110.191.226/shts/index.php

3.110.191.226

70 kB

URL User Request GET
3.110.191.226/shts/index.php
IP
3.110.191.226:0
ASN
#16509 AMAZON-02

File type
HTML document, Unicode text, UTF-8 text, with very long lines (877), with CRLF line terminators
Size
70 kB (70299 bytes)
Hash
e3878bb4bd7e3353345edd202dc54c1f
816c4e1fbbe19e1b74314bcffe428cb2dfa8b724
6c757d2e985ffae258725878b3453af8dbf39f686043bd6064ddc6bf408b370d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/index.php HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
X-Powered-By: PHP/8.0.30
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

3.110.191.226/shts/wp-content/themes/homesite17/style9f31.css?ver=5.7.2

3.110.191.226

200 OK

393 B

URL GET HTTP/1.1
3.110.191.226/shts/wp-content/themes/homesite17/style9f31.css?ver=5.7.2
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
ASCII text, with CRLF line terminators
Size
393 B (393 bytes)
Hash
a23b1b1b7256f2d11d7ab0fa73312b62
25eef03e16fdf5963366798830c51615032ac2ef
ae9abde8bdd2b083234e341d4f5affc6c7c0099616a4acf89999c7c85f9260c4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-content/themes/homesite17/style9f31.css?ver=5.7.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:49 GMT
ETag: "189-5f69458cd94a9"
Accept-Ranges: bytes
Content-Length: 393
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0

3.110.191.226

200 OK

283 B

URL GET HTTP/1.1
3.110.191.226/shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
283 B (283 bytes)
Hash
9dc21dc34925b1d709f685941eeba071
3ae42522c133ba7fe59aa7b83554e8bd2f5ab556
ad342c2f62a4026d1a98239915e8ade57d8aab060626d322caf0bbcd581bd5e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-content/plugins/site-improve-snippet/snippet5152.js?ver=1.0 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:25 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:48 GMT
ETag: "11b-5f69458c52866"
Accept-Ranges: bytes
Content-Length: 283
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

3.110.191.226/shts/wp-includes/css/dist/block-library/style.min9f31.css?ver=5.7.2

3.110.191.226

200 OK

58 kB

URL GET HTTP/1.1
3.110.191.226/shts/wp-includes/css/dist/block-library/style.min9f31.css?ver=5.7.2
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
Unicode text, UTF-8 text, with very long lines (29677), with CRLF line terminators
Size
58 kB (58181 bytes)
Hash
9109378c922f39ec6ad95cdb5d2dc366
147cc10f3bb0770c754c0c7291ccca9070b18e8c
85e9ab110df230d8c7cbcd1c0e91c1b0eca359fd603e257963c2590a62d566d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-includes/css/dist/block-library/style.min9f31.css?ver=5.7.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:53 GMT
ETag: "e345-5f69459190540"
Accept-Ranges: bytes
Content-Length: 58181
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2

3.110.191.226

200 OK

11 kB

URL GET HTTP/1.1
3.110.191.226/shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JavaScript source, ASCII text, with very long lines (11126), with CRLF line terminators
Size
11 kB (11226 bytes)
Hash
84cf3d32b3d78abe75d6f5e9f8354dcc
a0eafbfb48cdcaa246b58346cd7ebfd67458adf3
d301bad6e867bd0803600fb51a818a777655abe5513a2e9ac1128502d93f09ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-includes/js/jquery/jquery-migrate.mind617.js?ver=3.3.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:25 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:49 GMT
ETag: "2bda-5f69458cd65c9"
Accept-Ranges: bytes
Content-Length: 11226
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

3.110.191.226/shts/wp-content/plugins/awesome-weather-pro/awesome-weather9f31.css?ver=5.7.2

3.110.191.226

200 OK

44 kB

URL GET HTTP/1.1
3.110.191.226/shts/wp-content/plugins/awesome-weather-pro/awesome-weather9f31.css?ver=5.7.2
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
ASCII text, with very long lines (24950), with CRLF line terminators
Size
44 kB (44470 bytes)
Hash
6691e19e4ff1bdc6b1fe310cffd16839
299a9d40084f645825347e387779767da54e1b72
a16282cb1eba5ac3fb6f983c79acb7a7c57c0f3fe515a1d236d5a22323e54da2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-content/plugins/awesome-weather-pro/awesome-weather9f31.css?ver=5.7.2 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:48 GMT
ETag: "adb6-5f69458c52866"
Accept-Ranges: bytes
Content-Length: 44470
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/js/multislider.js

3.110.191.226

200 OK

14 kB

URL GET HTTP/1.1
3.110.191.226/shts/js/multislider.js
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
14 kB (14410 bytes)
Hash
61d6de3a2ef7016faf0d13a6cb800d79
b34833e85457f6369beb5bb944a2f5eb8dedb334
26b96d51e0d272f05c290d2f73d2307ea3b276f79664ac25ed95c9787eea1367

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/js/multislider.js HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:25 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:47 GMT
ETag: "384a-5f69458b1fe21"
Accept-Ranges: bytes
Content-Length: 14410
Keep-Alive: timeout=5, max=100
Content-Type: application/javascript

3.110.191.226/shts/css/bootstrap.css

3.110.191.226

200 OK

196 kB

URL GET HTTP/1.1
3.110.191.226/shts/css/bootstrap.css
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
ASCII text, with very long lines (570), with CRLF line terminators
Size
196 kB (196045 bytes)
Hash
bc56452716e11a3ddb10d4af06d78a8a
c45652aa2fb56e90d65ef99f9a95d66d7fe15405
bee461a6b51e0d27c01f9de0721127d3e65ef6bb0392d496e7253b7e0fe5f2fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/css/bootstrap.css HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:39 GMT
ETag: "2fdcd-5f694583a2e1c"
Accept-Ranges: bytes
Content-Length: 196045
Keep-Alive: timeout=5, max=100
Content-Type: text/css

3.110.191.226/shts/wp-content/themes/homesite17/css/master.minb5ff.css?ver=2021.04.15.11.26

3.110.191.226

200 OK

671 kB

URL GET HTTP/1.1
3.110.191.226/shts/wp-content/themes/homesite17/css/master.minb5ff.css?ver=2021.04.15.11.26
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
Unicode text, UTF-8 text, with very long lines (28703), with CRLF line terminators
Size
671 kB (670939 bytes)
Hash
4afa27d7612a54e1c32b00803d6d696e
9013b4826065bd48c8723edad9689797c56d7106
e649f452077806db799e61f44725e891beb2e0e42f99374cf3271d2f4b8dc2e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-content/themes/homesite17/css/master.minb5ff.css?ver=2021.04.15.11.26 HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:24 GMT
Server: Apache/2.4.58 ()
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 10 Mar 2023 23:44:50 GMT
ETag: "a3cdb-5f69458e97951"
Accept-Ranges: bytes
Content-Length: 670939
Keep-Alive: timeout=5, max=100
Content-Type: text/css

www.googletagmanager.com/gtag/js?id=AW-11107369980

142.250.74.72

200 OK

81 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=AW-11107369980
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
81 kB (80719 bytes)
Hash
e14a2102e8081390a5eb555ed45aa07f
9a2ff41a03a81f501bf007b9c628ffaed84a0723
0191f045783803a6caff7499cfd90db24bd67e0ed4a3b83f7f1081adbc35027e

HTTP Headers

GET /gtag/js?id=AW-11107369980 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 09:23:26 GMT
expires: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80719
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.24.14

200 OK

77 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:26 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4982622
expires: Wed, 16 Apr 2025 09:23:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y3so9UY7vQBGhQXzeoPfAGnzhOatKH6pImW8wBBbLsamveEqyV4iAqRlEituim6uP%2BQxiidcGoJJLUozvX3ASqj%2BHsd0BTtyGPfsLhLLBTyAZT%2FE0wKgYL6KabBVm5ewOfrCy6HK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a5839c6ae3712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

3.110.191.226/shts/images/DY-Patil-University-Logo.png

3.110.191.226

200 OK

16 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/DY-Patil-University-Logo.png
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
PNG image data, 200 x 76, 8-bit/color RGBA, non-interlaced
Size
16 kB (15492 bytes)
Hash
749a495ba647b69cdc9c79be5a0aedb6
19c65012621a937af8cd7d9fb86bce3beec2fa1a
eb17a2ad5ec4bb69bbf638d5d51ba540789603e49d258fc2181da096895da431

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/DY-Patil-University-Logo.png HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:42 GMT
ETag: "3c84-5f6945870af4d"
Accept-Ranges: bytes
Content-Length: 15492
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

3.110.191.226/shts/images/home-3.jpg

3.110.191.226

200 OK

45 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-3.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
45 kB (45300 bytes)
Hash
897371270f6e95360405d2083b6fee25
fc92a817c176a8e048fd95a2a97065b8d2f0c74e
dfc1dc65cc66c407bab458ca4a28f8d7c19dd7ff25c9f79a7a2d6ec891df698c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-3.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "b0f4-5f6945885fc73"
Accept-Ranges: bytes
Content-Length: 45300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/home-7.jpg

3.110.191.226

200 OK

36 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-7.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
36 kB (35498 bytes)
Hash
844fc712eab36efbdf4ffa7584dbcd2e
152ff1b42467a8fde335e59b98e4f35b651b636f
4ad74e937718f4915450b2780704073d6811ee4e99f9f3ecc3698f71a62d6ed0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-7.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "8aaa-5f69458874494"
Accept-Ranges: bytes
Content-Length: 35498
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i

142.250.74.106

200 OK

15 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
15 kB (15201 bytes)
Hash
de71be8cb2f1519b876d928264a5c0d9
50759345ad442d6157df11ec341cdfb36019de4a
f64c7f5eeb720bab5e5e2dbc20b3f13acbe6ad454eb0fb0a9a148d8bad64183c

HTTP Headers

GET /css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:23:26 GMT
date: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

142.250.74.131

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14188, version 1.0
Size
14 kB (14188 bytes)
Hash
eb0aa55d4737c1ad19e5d9e5d3f0efbf
f909e7fff1d5be6f308912d5c407ae618ba53d9c
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:53:15 GMT
expires: Sat, 26 Apr 2025 05:53:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:53:03 GMT
content-type: font/woff2
age: 12611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:19:22 GMT
expires: Sat, 26 Apr 2025 06:19:22 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 11044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:02 GMT
expires: Sat, 26 Apr 2025 05:55:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 12504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14824, version 1.0
Size
15 kB (14824 bytes)
Hash
48598bad30f08e1c3eb3d0e69b420bd5
28c2cf160273c2062f909a875c4b4c0541ee2f84
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 17:21:59 GMT
expires: Fri, 25 Apr 2025 17:21:59 GMT
cache-control: public, max-age=31536000
age: 57687
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2

142.250.74.131

200 OK

14 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14200, version 1.0
Size
14 kB (14200 bytes)
Hash
8189fc633208846686eec91ea316d6fe
ce99a5d3a3e51ea1166de5e664265db6f7783449
fae9ee8da96ba004f96a5719e3cd323b3248c49a28e56777ce829900d50929ed

HTTP Headers

GET /s/sourcesanspro/v22/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZclSds18Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://3.110.191.226
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14200
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:54:58 GMT
expires: Sat, 26 Apr 2025 05:54:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:54 GMT
content-type: font/woff2
age: 12508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

3.110.191.226/siteimproveanalytics.com/js/siteanalyze_80352.js

3.110.191.226

404 Not Found

196 B

URL GET HTTP/1.1
3.110.191.226/siteimproveanalytics.com/js/siteanalyze_80352.js
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
HTML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /siteimproveanalytics.com/js/siteanalyze_80352.js HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Content-Length: 196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

3.110.191.226/shts/images/home-6.jpg

3.110.191.226

200 OK

40 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-6.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
40 kB (40402 bytes)
Hash
bfc01be1f7865f1db6acd50f6cb78992
63ce091210d9db25535adc55d92fe935f052fcc8
27434b8796c47d3410bc026fded7b24c1ca5f3c9dbca026790fe642769f58b33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-6.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "9dd2-5f69458870614"
Accept-Ranges: bytes
Content-Length: 40402
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/wp-content/uploads/2021/07/20210527_Stanford_OvalDJI_0037-DG-scaled.jpg

3.110.191.226

200 OK

219 kB

URL GET HTTP/1.1
3.110.191.226/shts/wp-content/uploads/2021/07/20210527_Stanford_OvalDJI_0037-DG-scaled.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2022:03:07 13:25:50], progressive, precision 8, 1280x1100, components 3
Size
219 kB (218801 bytes)
Hash
d682eea39715fc5c8d3064da6349b959
da7e72741c020b65a1ea0c78e89501932eb80996
2698b547e9428c98ca0d20894d78a7dc61ac89721b841432e0daadd73cac207e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/wp-content/uploads/2021/07/20210527_Stanford_OvalDJI_0037-DG-scaled.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:53 GMT
ETag: "356b1-5f6945913969e"
Accept-Ranges: bytes
Content-Length: 218801
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/footer2.png

3.110.191.226

200 OK

93 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/footer2.png
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
PNG image data, 185 x 200, 8-bit/color RGBA, non-interlaced
Size
93 kB (93102 bytes)
Hash
12181b3ef9bf65bcfc45cde58d1cceca
3d7108a336391d8d05250736beff697e7fd0cf9f
df8330bdc3f2e22ea0e9a9cb8eeff524edfffb629292be50daa6d4dda8ca9826

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/footer2.png HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "16bae-5f69458862b53"
Accept-Ranges: bytes
Content-Length: 93102
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

3.110.191.226/shts/images/home-1.jpg

3.110.191.226

200 OK

120 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-1.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
120 kB (120010 bytes)
Hash
b19d927e3e56061b6b9b066909bd2ee9
ffc223a40d6670941b07eabff98cff0d700a2cd8
23645aba5a662f272490f996370f2df32cce8afb449349bbd1079397db7681a0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-1.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "1d4ca-5f6945884d393"
Accept-Ranges: bytes
Content-Length: 120010
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/home-4.jpg

3.110.191.226

200 OK

50 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-4.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
50 kB (50490 bytes)
Hash
886ee4dbf3d9903212a12db0954bf3ce
1b53db4ba1f85b3e9e9807c48c54c6edae0d6c22
b6c1bf3f092c8625e6809be41bf4a9d3017e9e88e2a57c7d1a399bd13b0dfef6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-4.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "c53a-5f69458867973"
Accept-Ranges: bytes
Content-Length: 50490
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/home-2.jpg

3.110.191.226

200 OK

68 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-2.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
68 kB (67668 bytes)
Hash
812b87a3d058be383b98ae4ac91344bf
41715a98ca4de150b24172b4124ad841206e0394
9f3c72c9f9ebbb9d5494a6725a8fde4983b9d1aa6af028d4eb3b8becd1de077c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-2.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "10854-5f69458856033"
Accept-Ranges: bytes
Content-Length: 67668
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/home-5.jpg

3.110.191.226

200 OK

60 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-5.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
60 kB (60034 bytes)
Hash
ce2c315174089113c7d75ff24c5b3d94
41dcdb389ef88b03d1de32dc8844739c1c311399
1a04427215b82b68d497dde68ab7cddf370846984a2d9cc41d6f1766e1af96e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-5.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "ea82-5f6945886c793"
Accept-Ranges: bytes
Content-Length: 60034
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/home-8.jpg

3.110.191.226

200 OK

52 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/home-8.jpg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 522x348, components 3
Size
52 kB (52015 bytes)
Hash
b749aafda185d3ba71bf88fc2a5c9ee2
0961a15ef45f00ef86646280997d2710050142d0
5a7e8e066eb91505b1c70a703432e6a1e03507b0df2e9cae89588f5520222a9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/home-8.jpg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:44 GMT
ETag: "cb2f-5f694588792b4"
Accept-Ranges: bytes
Content-Length: 52015
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/shts/images/brew-with-the-starbucks-crew.jpeg

3.110.191.226

200 OK

273 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/brew-with-the-starbucks-crew.jpeg
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1081x1080, components 3
Size
273 kB (272552 bytes)
Hash
f78ad09f9c557ad9bab894d8072140cd
fdcd560c9c044da5be62fd774a3accaf45187f06
55d7119c7d9d81e4e395beeb70fbf3805b253de52d99959302b8a143d3555f5a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/brew-with-the-starbucks-crew.jpeg HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:41 GMT
ETag: "428a8-5f6945856ed85"
Accept-Ranges: bytes
Content-Length: 272552
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

3.110.191.226/favicon.ico

3.110.191.226

404 Not Found

196 B

URL GET HTTP/1.1
3.110.191.226/favicon.ico
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
HTML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Cookie: _gcl_au=1.1.1604481614.1714123407
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 09:23:27 GMT
Server: Apache/2.4.58 ()
Content-Length: 196
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

3.110.191.226/shts/images/newspaper.png

3.110.191.226

200 OK

964 kB

URL GET HTTP/1.1
3.110.191.226/shts/images/newspaper.png
IP
3.110.191.226:80
ASN
#16509 AMAZON-02

Requested by
http://3.110.191.226/shts/index.php

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced
Size
964 kB (963746 bytes)
Hash
33858d4a1e364e7cb6f98e9e71c776a6
55363f244d33570c4ce192112e9a80075cdeed77
1522610dfe7d9af072d4f810d15750ce58ed67da08e893d3a5fce32396d64278

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /shts/images/newspaper.png HTTP/1.1
Host: 3.110.191.226
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/shts/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 09:23:26 GMT
Server: Apache/2.4.58 ()
Last-Modified: Fri, 10 Mar 2023 23:44:45 GMT
ETag: "eb4a2-5f6945891f2f7"
Accept-Ranges: bytes
Content-Length: 963746
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700

142.250.74.106

200 OK

3.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Serif+Pro:400,600,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
gzip compressed data, max compression
Size
3.9 kB (3860 bytes)
Hash
3d764ea9ee2122f2109c4463658bb4cc
425fbc40dc78dde32f55c62f08eaeb680a9ebeef
1b3b06bb384b2d5e238fc6e42c8116392ab52c2173fd7943650e341d0c83f000

HTTP Headers

GET /css?family=Source+Serif+Pro:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:23:26 GMT
date: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Code+Pro

142.250.74.106

200 OK

2.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Code+Pro
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (2534), with no line terminators
Size
2.5 kB (2478 bytes)
Hash
a96f9c37e757f013b86a2c9a3fd2376e
1b2590132151f7292ecec971ffe0d3d3c17e4cdd
5176fd89e3af64edafea9f159fcd0ebfa7a6affa4e4d98e6f8644fcc5854ce6f

HTTP Headers

GET /css?family=Source+Code+Pro HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 09:23:26 GMT
date: Fri, 26 Apr 2024 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

104.18.10.207

200 OK

60 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://3.110.191.226/shts/index.php
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (59765)
Size
60 kB (60044 bytes)
Hash
02d223393e00c273efdcb1ade8f4f8b1
0cc93b8421d89c24a889642428b363cb831de78a
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

HTTP Headers

GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://3.110.191.226/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 09:23:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 09/17/2023 22:21:35
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-edgestorageid: 1048
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7f9c470a6349644c490ab0e58dbcefa0
cdn-cache: HIT
cf-cache-status: HIT
age: 13065591
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a5838f1b59569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML