IP 104.21.35.254:443
Certificate
Issuer: Google Trust Services
Subject: hoca4u.xyz
Fingerprint: 0B:69:40:B2:18:CF:06:05:92:9E:46:1E:B5:F1:90:F2:5E:01:87:99
Validity: Mon, 05 May 2025 19:53:06 GMT - Sun, 03 Aug 2025 20:51:30 GMT
File type: MS Windows icon resource - 2 icons, 16x16, 32x32
Hash: b9a8e5ff83b1dc09dfc5bf5c2eb92213 e984b88fb19067186b2422d1fa023c3833e36e34 819283d68cc238f4798f61f579261aa1a3e7f72a84ea29b9c613df7d7e68a9b9

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET /favicon.ico HTTP/1.1
Host: hoca4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hoca4u.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 May 2025 13:17:02 GMT
content-type: image/x-icon
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 21 Nov 2023 15:00:36 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7zPqBOToF8vklo9wnTKPttmZ76CWhX9WYYHLivPzOCp8iwZkGIUZYCOrORQL8n7vOyd7Jz4h87uYwggkFPWWw%2FGs%2BFF3uigWaPhNXTfoBvIQbJY0%2BhRyW9dNB%2BL0"}]}
expires: Sat, 17 May 2025 13:17:01 GMT
cache-control: public, max-age=604800, must-revalidate
access-control-allow-origin: *
cf-cache-status: MISS
etag: W/"655cc614-e36"
content-encoding: br
cf-ray: 93d9b6e78e0356bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
IP 104.21.35.254:443
Certificate
Issuer: Google Trust Services
Subject: hoca4u.xyz
Fingerprint: 0B:69:40:B2:18:CF:06:05:92:9E:46:1E:B5:F1:90:F2:5E:01:87:99
Validity: Mon, 05 May 2025 19:53:06 GMT - Sun, 03 Aug 2025 20:51:30 GMT
File type: ASCII text, with no line terminators
Hash: 4eae35f1b35977a00ebd8086c259d4c9 c50267b906a652f2142cfab006e215c9f6fdc8a0 7c2ecd07f155648431e0f94b89247d713c5786e1e73e953f2fe7eca39534cd6d

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| Quad9 DNS | malicious | Sinkholed |

GET / HTTP/1.1
Host: hoca4u.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 May 2025 13:17:01 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
x-powered-by: PHP/5.6.40
access-control-allow-origin: *
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xJWAjYLyRhD413S50A03R9XgCs3kson8L7Fu54pf6e%2B5ICdoPUty30NV29WMK9KMmHdA4LWoT8NhB59AmgenkTPK5SSjhysZY5Y8HoqIgm8MIho3DiG5R%2F%2B%2F5Wfa"}]}
content-encoding: br
cf-ray: 93d9b6e509fe56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2