URL User Request GET HTTP/2IP176.96.138.90:443 ASN#58212 dataforest GmbH
CertificateIssuerLet's Encrypt Subject*.qu.ax Fingerprint82:9B:25:4F:F4:5A:4D:E3:20:F2:A0:49:24:38:BA:5B:66:4A:CB:6D ValidityMon, 18 Mar 2024 05:21:34 GMT - Sun, 16 Jun 2024 05:21:33 GMT
File typeASCII text, with CRLF line terminators Hash1d0399ff373e7c5c7c88d5509e0c7ba9 7f1a6b3723a2a3f72ac7d5d171bc13c3ba46405e 81e4afa46d3fc539c9f8b88b1ba908eaf12d01fdedcfed59b8a17bab125586a8
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /yhYy.txt HTTP/1.1
Host: qu.ax
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:40 GMT
content-type: text/plain
last-modified: Sat, 20 Jan 2024 04:27:30 GMT
x-xss-protection: 1; mode=block
content-encoding: br
alt-svc: h3=":443"; ma=604800
X-Firefox-Spdy: h2
|
IP176.96.138.90:443 ASN#58212 dataforest GmbH
CertificateIssuerLet's Encrypt Subject*.qu.ax Fingerprint82:9B:25:4F:F4:5A:4D:E3:20:F2:A0:49:24:38:BA:5B:66:4A:CB:6D ValidityMon, 18 Mar 2024 05:21:34 GMT - Sun, 16 Jun 2024 05:21:33 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashb1427ced1520ea9d49dc3ff783f9fc38 f63057f04bbc9685daef2a5bb5f8b6c0ae483bf0 9374e3620b1daa8f7ce59acc9250129e15dae90354280f4ce3b8369209ebdd31
Analyzer | Verdict | Alert | mnemonic secure dns | malicious | Sinkholed | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: qu.ax
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qu.ax/yhYy.txt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
server: nginx
date: Tue, 16 Apr 2024 15:27:41 GMT
content-type: image/x-icon
last-modified: Sun, 05 Jun 2022 23:07:17 GMT
x-xss-protection: 1; mode=block
content-encoding: br
alt-svc: h3=":443"; ma=604800
|