IP 104.21.235.195:0
File type: HTML document text
- HTML document text
- HTML document, ASCII text, with CRLF line terminators
Hash: b25d5e7ec72fe7c181c56fe286b44875 10f16139f7f5e07bd4a2f49ae4c1a407df5578b6 99d6333713dc294a4d960b71cbdecfcd89d57960c2715ceb2b289199b5fe9297
GET / HTTP/1.1
Host: native.tubecup.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Sun, 03 Dec 2023 04:06:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://109.206.167.252:8006/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHwOzO%2B45%2F9id0pPLy7xeWqgDdeS%2BhhGt1%2BWbiKmcq%2Bf7Y%2FKeSe2M%2F53Fm2Q0OTKeqENM82OkB4509q4GvK0DTSke8sS7ofSlP1C5%2B3z4iEUn89nGWaW0PZ5SqUugcu8sniPp2g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 82f8ef51df51d93b-HEL
alt-svc: h2=":443"; ma=60
| GET native.tubecup.org/video/native/hdzog/ | 0.0.0.0 | | 0 B |
URL User Request GET native.tubecup.org/video/native/hdzog/
IP 0.0.0.0:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/native/hdzog/ HTTP/1.1
Host: native.tubecup.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 03 Dec 2023 04:06:00 GMT
content-type: text/html
location: https://109.206.167.252:8006/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2HzMTgspMFo3IH5UBACm52dCTUOtNquCyQqGOLHRhWuxt1WdDNpo9kyraX%2BIeU%2FLUTiIy5K4sRXb%2Bldwm0%2BYa%2BuTCeDwASm9rmDHDNNrCTRM39F0%2BfOfeeiPccYwXOQzLhPmpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f8ef3f8d76df68-HEL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| GET 109.206.167.252:8006/ | 0.0.0.0 | | 0 B |
IP 0.0.0.0:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 109.206.167.252:8006
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache