Report - 62.212.226.194/admin/dm-launcher.msi

Report Overview

Submitted URL
62.212.226.194/admin/dm-launcher.msi
IP
62.212.226.194
ASN
#29049 Delta Telecom Ltd
Submitted
2024-04-16 12:43:35
Access
public
Website Title
İdrak Liseyi | E-Məktəb
Final URL
62.212.226.194/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	1.0 kB	10 kB	142.250.74.106
62.212.226.194	unknown	unknown	2022-11-05	2022-11-05	3.0 kB	6.0 MB	62.212.226.194
pro.fontawesome.com	5887	2012-10-18	2018-03-17	2024-04-15	434 B	799 kB	104.18.40.68
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	531 B	20 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed
2024-04-16	medium	62.212.226.194	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	62.212.226.194/polyfills.af904fdfac577cb36dfa.js	38 kB	2024-04-16	2024-04-16
Pretty URL 62.212.226.194/polyfills.af904fdfac577cb36dfa.js IP 62.212.226.194 ASN #29049 Delta Telecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:43:43 Last Seen2024-04-16 14:43:44 Times Seen2 Hash e50a2a6d8a6e4eb665ec545a6c33fd5e 02a90687c8d8b645cb14bbf7cbf75d8c62c3c160 c97174a9bc162b3c11490317c5f916548bdc86ca4893e38ac9ec886c2a906a6f Loading...

	62.212.226.194/scripts.8702c3c79ce5d458da2a.js	481 kB	2024-04-16	2024-04-16
Pretty URL 62.212.226.194/scripts.8702c3c79ce5d458da2a.js IP 62.212.226.194 ASN #29049 Delta Telecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:43:43 Last Seen2024-04-16 14:43:44 Times Seen2 Hash 58becb9855d065106110035746d8ad43 368a34aafb0069345a21db38cd76b21e18027058 956d1b97acc1127b92c50aea87438d506e6d18a4899fd7fc95affc164fcc18d5 Loading...

	unknown	16 B	2023-04-10	2024-04-29
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57:29 Last Seen2024-04-29 19:55:26 Times Seen33910 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	62.212.226.194/main.aa7ae144848883b050e6.js	4.7 MB	2024-04-16	2024-04-16
Pretty URL 62.212.226.194/main.aa7ae144848883b050e6.js IP 62.212.226.194 ASN #29049 Delta Telecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:43:43 Last Seen2024-04-16 14:43:44 Times Seen2 Hash 6c30837ae23225b58b1357a9e441c1dc 25e2a0c6798eff6b78d9fe48ecf32aba6c1195e0 8d8bc2784c86353f000389c2bb00bd95244b50f5123bb09d5f58dc0174663c18 Loading...

	62.212.226.194/runtime.acd32fa6e04c165790d0.js	2.9 kB	2024-04-16	2024-04-16
Pretty URL 62.212.226.194/runtime.acd32fa6e04c165790d0.js IP 62.212.226.194 ASN #29049 Delta Telecom Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:43:44 Last Seen2024-04-16 14:43:44 Times Seen2 Hash 16fdc80ac694ecb14cf3ca97bfff38c1 bb80f235ccf70c97a14c75b93987219c4a145ab4 367f11f3bb1cdeac7fc77bdf25b01282773adb93a72d7907b7b4c78a4065a63f Loading...

HTTP Transactions (12)

URL IP Response Size

62.212.226.194/admin/dm-launcher.msi

62.212.226.194

200 OK

9.7 kB

URL User Request GET HTTP/1.1
62.212.226.194/admin/dm-launcher.msi
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

File type
HTML document, ASCII text, with very long lines (6259)
Size
9.7 kB (9742 bytes)
Hash
79b94df062452942a2f6c76dcabf09ba
32ebc1ef21db2652346878e530d47c1514cf28ee
086a03524c50f2d21d305262901a93904f192231aefa171eb90ead2e4845875d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /admin/dm-launcher.msi HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: text/html
Content-Length: 9742
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:54 GMT
ETag: "661e0ab6-260e"
Accept-Ranges: bytes

62.212.226.194/runtime.acd32fa6e04c165790d0.js

62.212.226.194

200 OK

2.9 kB

URL GET HTTP/1.1
62.212.226.194/runtime.acd32fa6e04c165790d0.js
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type
JavaScript source, ASCII text, with very long lines (2946), with no line terminators
Size
2.9 kB (2946 bytes)
Hash
16fdc80ac694ecb14cf3ca97bfff38c1
bb80f235ccf70c97a14c75b93987219c4a145ab4
367f11f3bb1cdeac7fc77bdf25b01282773adb93a72d7907b7b4c78a4065a63f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /runtime.acd32fa6e04c165790d0.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 2946
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-b82"
Accept-Ranges: bytes

62.212.226.194/polyfills.af904fdfac577cb36dfa.js

62.212.226.194

200 OK

38 kB

URL GET HTTP/1.1
62.212.226.194/polyfills.af904fdfac577cb36dfa.js
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type
JavaScript source, ASCII text, with very long lines (37450), with no line terminators
Size
38 kB (37450 bytes)
Hash
e50a2a6d8a6e4eb665ec545a6c33fd5e
02a90687c8d8b645cb14bbf7cbf75d8c62c3c160
c97174a9bc162b3c11490317c5f916548bdc86ca4893e38ac9ec886c2a906a6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.af904fdfac577cb36dfa.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 37450
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-924a"
Accept-Ranges: bytes

62.212.226.194/scripts.8702c3c79ce5d458da2a.js

62.212.226.194

200 OK

481 kB

URL GET HTTP/1.1
62.212.226.194/scripts.8702c3c79ce5d458da2a.js
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
481 kB (480617 bytes)
Hash
58becb9855d065106110035746d8ad43
368a34aafb0069345a21db38cd76b21e18027058
956d1b97acc1127b92c50aea87438d506e6d18a4899fd7fc95affc164fcc18d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /scripts.8702c3c79ce5d458da2a.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 480617
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-75569"
Accept-Ranges: bytes

pro.fontawesome.com/releases/v5.14.0/css/all.css

104.18.40.68

200 OK

799 kB

URL GET HTTP/2
pro.fontawesome.com/releases/v5.14.0/css/all.css
IP
104.18.40.68:443
ASN
#13335 CLOUDFLARENET

Requested by
http://62.212.226.194/admin/dm-launcher.msi
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
799 kB (798595 bytes)
Hash
5d1b1f37123dade8f81521bc36e534d3
a5cd141e793573ea04c69b3dd75b32eb4729f202
84dc3d0e828150665d54435ab0b97570a8157c0416664d5a99d4e19389218202

HTTP Headers

GET /releases/v5.14.0/css/all.css HTTP/1.1
Host: pro.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 12:43:08 GMT
content-type: text/css
x-amz-id-2: dPNQMHebB85ZT6b3dWj2uwuzgtkmMbxGzbbkV0UFQZ6vOiZ8My8gHT/bfdka4ysv8L+70e6eR/Y=
x-amz-request-id: W2C7XP0KMF45R1K2
last-modified: Mon, 28 Jun 2021 17:12:47 GMT
etag: W/"1dfe138ae594553bc5ddec1f1f1ef389"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 12200216
vary: Accept-Encoding
server: cloudflare
cf-ray: 8754426279c5b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://62.212.226.194/admin/dm-launcher.msi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19156, version 1.0
Size
19 kB (19156 bytes)
Hash
0ceb759015a6df090ad355231fdb39f1
b947749baab5bfa0bee35d31e5a5050d4beefe9b
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

HTTP Headers

GET /s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://62.212.226.194
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:30:42 GMT
expires: Fri, 11 Apr 2025 02:30:42 GMT
cache-control: public, max-age=31536000
age: 468747
last-modified: Tue, 02 May 2023 16:04:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

62.212.226.194/main.aa7ae144848883b050e6.js

62.212.226.194

200 OK

4.7 MB

URL GET HTTP/1.1
62.212.226.194/main.aa7ae144848883b050e6.js
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
4.7 MB (4712793 bytes)
Hash
6c30837ae23225b58b1357a9e441c1dc
25e2a0c6798eff6b78d9fe48ecf32aba6c1195e0
8d8bc2784c86353f000389c2bb00bd95244b50f5123bb09d5f58dc0174663c18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.aa7ae144848883b050e6.js HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: application/javascript
Content-Length: 4712793
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-47e959"
Accept-Ranges: bytes

62.212.226.194/assets/images/logo-l.png

62.212.226.194

200 OK

11 kB

URL GET HTTP/1.1
62.212.226.194/assets/images/logo-l.png
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type
PNG image data, 195 x 200, 8-bit/color RGBA, non-interlaced
Size
11 kB (10812 bytes)
Hash
0dbf0b582f6badaa463631dc0a12ac73
d3c036b269582a3095e4834fd1ae7bfba52a48d7
5e3f5632af38493412cece112883ad96cada8f0fc19c909c2745efbb9b5e0c13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/logo-l.png HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:10 GMT
Content-Type: image/png
Content-Length: 10812
Connection: keep-alive
Last-Modified: Sun, 14 Apr 2024 15:24:28 GMT
ETag: "661bf52c-2a3c"
Accept-Ranges: bytes

62.212.226.194/assets/i18n/az.json

62.212.226.194

200 OK

8.7 kB

URL GET HTTP/1.1
62.212.226.194/assets/i18n/az.json
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type
JSON text data
Size
8.7 kB (8696 bytes)
Hash
9f63c608ced7f76313ab1a86b17b275b
e6e1de0e5ecc9273aa1ae5f06390822b91d568ba
9d55ace49ca13aca0bb14424cef06fd72c40b08b9c4ec9f46d540f3a0b28cf38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/i18n/az.json HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:10 GMT
Content-Type: application/json
Content-Length: 8696
Connection: keep-alive
Last-Modified: Sun, 14 Apr 2024 15:24:28 GMT
ETag: "661bf52c-21f8"
Accept-Ranges: bytes

62.212.226.194/styles.da36ce98f1f3591393ab.css

62.212.226.194

200 OK

766 kB

URL GET HTTP/1.1
62.212.226.194/styles.da36ce98f1f3591393ab.css
IP
62.212.226.194:80
ASN
#29049 Delta Telecom Ltd

Requested by
http://62.212.226.194/admin/dm-launcher.msi

File type

Size
766 kB (765903 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles.da36ce98f1f3591393ab.css HTTP/1.1
Host: 62.212.226.194
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/admin/dm-launcher.msi
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 16 Apr 2024 12:43:08 GMT
Content-Type: text/css
Content-Length: 765903
Connection: keep-alive
Last-Modified: Tue, 16 Apr 2024 05:20:50 GMT
ETag: "661e0ab2-bafcf"
Accept-Ranges: bytes

fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap

142.250.74.106

200 OK

8.9 kB

URL GET HTTP/3
fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://62.212.226.194/admin/dm-launcher.msi
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (9068), with no line terminators
Size
8.9 kB (8852 bytes)
Hash
3462a4b3d3c9e6124ab5aa73499a04db
a096b3d89dee3f2b79a875c5a8062bc9054581e5
50c90a520ce6e9ffa67c2a0898a58f76fc69319c1284af0090c0adaba4503d26

HTTP Headers

GET /css2?family=IBM+Plex+Sans:wght@300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 12:43:09 GMT
date: Tue, 16 Apr 2024 12:43:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;}body{font-family:Roboto,Helvetica%20Neue,sans-serif;}:root{--bs-blue:

142.250.74.106

400 Bad Request

0 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;}body{font-family:Roboto,Helvetica%20Neue,sans-serif;}:root{--bs-blue:
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://62.212.226.194/admin/dm-launcher.msi
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css2?family=IBM+Plex+Sans:wght@300;body,html{height:100%;}body{font-family:Roboto,Helvetica%20Neue,sans-serif;}:root{--bs-blue: HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://62.212.226.194/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 16 Apr 2024 12:43:08 GMT
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by