Report - 74.208.130.208

Report Overview

Submitted URL
74.208.130.208
IP
74.208.130.208
ASN
#8560 IONOS SE
Submitted
2024-04-16 06:11:03
Access
public
Website Title
DWService - remote access, remote administration, remote support
Final URL
74.208.130.208/en/home.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
106

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
74.208.130.208	unknown	unknown	2015-01-05	2024-04-13	24 kB	1.3 MB	74.208.130.208

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed
2024-04-16	medium	74.208.130.208	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	74.208.130.208/res/js/hammer.min.js	21 kB	2023-03-07	2024-04-24
Pretty URL 74.208.130.208/res/js/hammer.min.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:09 Last Seen2024-04-24 19:47:52 Times Seen616 Hash 15065981497259d972918a646ab771e0 f2de8453fccb34baf26d784afa965dbe8c0d1550 8a1b58d624eeb47e9e3073531a5d364e41a2e7853c052873a79917f97dd0bb44 Loading...

	74.208.130.208/res/js/better-simple-slideshow.min.js	3.0 kB	2023-03-17	2024-04-16
Pretty URL 74.208.130.208/res/js/better-simple-slideshow.min.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-17 11:37:43 Last Seen2024-04-16 08:11:10 Times Seen4 Hash 5bac2b6a795e13068eb178f9bfad3957 faf6ca68910f98f5aa7e7547cf0b786988d59729 2b7753096da1e207e133e93ee77c1489d962828b3e51b8ac47b93ac8833d9fa7 Loading...

	74.208.130.208/en/download_popup.js	1.7 kB	2024-04-16	2024-04-16
Pretty URL 74.208.130.208/en/download_popup.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:11:10 Last Seen2024-04-16 08:11:10 Times Seen2 Hash e5bdcfc7eae35edb3914fa8482d2eba2 b5b2dffb4fd04a303458bc57dd2cb6e184705330 51b5986d5ac44d6d519d05ac66cbfbd9845d55ef3a00d254564b215917aa54e0 Loading...

	74.208.130.208/res/bootstrap/js/bootstrap.bundle.min.js	84 kB	2023-03-07	2024-04-29
Pretty URL 74.208.130.208/res/bootstrap/js/bootstrap.bundle.min.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-04-29 17:06:51 Times Seen7293 Hash 7f389f5d2622ce2090eca7c36bcb90bc ab27031159724e2421f6ff5c70f48e657abe9d39 8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01 Loading...

	74.208.130.208/res/js/leaflet/leaflet.js	143 kB	2023-03-07	2024-04-16
Pretty URL 74.208.130.208/res/js/leaflet/leaflet.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:45 Last Seen2024-04-16 08:11:10 Times Seen74 Hash 3d572837c18a377367dbcf67427f6fc5 ed42c792a635e57d5d3da311bc2be43be59dc58a 24e9ec66cdbc367cdf424561c6d266a9d6a562417f7a39985970fffef1738160 Loading...

	74.208.130.208/res/js/clipboard.min.js	10 kB	2023-04-09	2024-04-28
Pretty URL 74.208.130.208/res/js/clipboard.min.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 07:13:39 Last Seen2024-04-28 01:46:21 Times Seen705 Hash b42944934de0a9c5c18706911874c1b2 77ba921a768a5e3da6a25e389cfed21d966aa131 d60ac05828175a69d3ad94b4714f1292948082cdcfbceca74c1da11955e5de5d Loading...

	74.208.130.208/res/js/jquery/jquery.base64.js	4.5 kB	2023-03-07	2024-04-19
Pretty URL 74.208.130.208/res/js/jquery/jquery.base64.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:34 Last Seen2024-04-19 02:41:35 Times Seen413 Hash 20b1c2c863902e5bda8bab936f3acaf9 1ae88b012c9af18c8b03222810f80d9b324102c2 d38111b8e9d0a7e37b99e00917719eeea05c49c2c0e4da7861ab337e92b61d9b Loading...

	74.208.130.208/res/js/ua-parser.min.js	17 kB	2024-04-16	2024-04-16
Pretty URL 74.208.130.208/res/js/ua-parser.min.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:11:10 Last Seen2024-04-16 08:11:10 Times Seen2 Hash 5d724b9ddb4612f0bf0d976e4f6938b1 e41679ae8ac5f0c70e4d3960beede2ae93eb9bce 7ab79340f414b11ced49cd2e2a5842caa0c7b412c2eccd037a17f5bb34948deb Loading...

	74.208.130.208/en/lib/main.js	2.6 kB	2024-04-16	2024-04-16
Pretty URL 74.208.130.208/en/lib/main.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:11:10 Last Seen2024-04-16 08:11:10 Times Seen2 Hash 1b0c4f9bbbb0a72958b9a5aca2ec88c2 d3f94b2a0ec89abcf55054dde076dbc20b7faf31 0715df6d0d64322b1146fe4a69386496bcab5b56f539cfb9c1bcf2580dbf752f Loading...

	74.208.130.208/en/lib/loginsignupreset_security.js	10 kB	2024-04-16	2024-04-16
Pretty URL 74.208.130.208/en/lib/loginsignupreset_security.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:11:10 Last Seen2024-04-16 08:11:10 Times Seen2 Hash 4f54bf17073beb31027bb01b62792d02 11440616aba6b0feae9bb5ffc29e258940618ee2 c621f152f0f5141fe1398091a59bd0bad779c0355b308ca86e717b118d89912a Loading...

	74.208.130.208/res/js/jquery/jquery.min.js	90 kB	2023-03-07	2024-04-29
Pretty URL 74.208.130.208/res/js/jquery/jquery.min.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-29 23:16:44 Times Seen140293 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	74.208.130.208/en/home.js	4.6 kB	2024-04-16	2024-04-16
Pretty URL 74.208.130.208/en/home.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:11:10 Last Seen2024-04-16 08:11:10 Times Seen2 Hash ddbab91de3133b0d3a30b434a4134a6f e3051b047533ec06f9518cd232c0c3fab2c79513 6790414e5bd122c87b79ab28eb77b811238819a2ffae5272713b51526a3929da Loading...

	74.208.130.208/en/lib/initses.js	6.6 kB	2024-04-16	2024-04-16
Pretty URL 74.208.130.208/en/lib/initses.js IP 74.208.130.208 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 08:11:10 Last Seen2024-04-16 08:11:10 Times Seen2 Hash 25ee1a8608f97481e78dc5c856cf6bda f52c46f58f4370006e6e9c527555fb0756bc22f8 b6a80b76662a2468f65652a029cd4abbf0ea59d0e5973723d7b93a831c2aacb5 Loading...

HTTP Transactions (53)

URL IP Response Size

74.208.130.208/

74.208.130.208

302 Found

162 B

URL User Request GET HTTP/1.1
74.208.130.208/
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 16 Apr 2024 06:10:36 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://74.208.130.208/

74.208.130.208/

74.208.130.208

302 Found

127 B

URL User Request GET HTTP/1.1
74.208.130.208/
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
HTML document, ASCII text, with no line terminators
Size
127 B (127 bytes)
Hash
fdb1a2e1ffffbbaf866601b237af20ac
ccbdeac5264dc32161590db4df8eb0f78e7fb961
e2193665697a9bdd4724f916caf9b87ba571ff1e1f5f875408f139187a9a86cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 16 Apr 2024 06:10:38 GMT
Content-Type: text/html
Content-Length: 127
Connection: keep-alive
Keep-Alive: timeout=60
Location: /en/home.html
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 16 Apr 2024 06:10:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/home.html

74.208.130.208

200 OK

5.5 kB

URL User Request GET HTTP/1.1
74.208.130.208/en/home.html
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (31534), with no line terminators
Size
5.5 kB (5489 bytes)
Hash
014e0b351f5a481954bc5a258f8c3b41
c265c727aa6db565e467074cfe411aaa92363b81
e1cf31c0c14bbba32079a085b55c72fecdb184932c21dfdce0b32c86ccfe7cf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/home.html HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:38 GMT
Content-Type: text/html
Content-Length: 5489
Connection: keep-alive
Keep-Alive: timeout=60
Content-Security-Policy: frame-ancestors 'self'; frame-src *.youtube-nocookie.com *.hcaptcha.com; default-src 'self' *.dwservice.net *.hcaptcha.com; img-src 'self' data: *.dwservice.net *.hcaptcha.com *.openstreetmap.org *.ytimg.com
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 07 Apr 2024 10:47:50 GMT
Content-Encoding: gzip
Etag: f7255b37a9e2964cba38d5f2468c2bc618eb82bebf07b6e
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/fonts/montserrat/Montserrat.css

74.208.130.208

200 OK

1.0 kB

URL GET HTTP/1.1
74.208.130.208/res/fonts/montserrat/Montserrat.css
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
ASCII text
Size
1.0 kB (1001 bytes)
Hash
57b3b1e56693c0346454277be36b02db
706adf31604a576e68a2b4db596be99136f3895b
1ddb8bc0a40226957d03db3f1c19b498eaa9b0bca642b2c90851d8720ebc4695

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/fonts/montserrat/Montserrat.css HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: text/css
Content-Length: 1001
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 5ca3c2dce8c063dd878f41be5cf33e7516ed61310a03778
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu 05 Dec 2019 12:40:04 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/bootstrap/css/bootstrap.min.css

74.208.130.208

200 OK

24 kB

URL GET HTTP/1.1
74.208.130.208/res/bootstrap/css/bootstrap.min.css
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
ASCII text, with very long lines (65326)
Size
24 kB (23911 bytes)
Hash
023b3876bb73aa541367fc40a193d2b7
8ed2d6350d23f857d92805737d0f97c675de666b
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: text/css
Content-Length: 23911
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 5cb546465e764dc39bcad2d9d2b1e40176cdaaaf6027288
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Mon 04 Jan 2021 01:51:24 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/leaflet/leaflet.css

74.208.130.208

200 OK

3.3 kB

URL GET HTTP/1.1
74.208.130.208/res/js/leaflet/leaflet.css
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
ASCII text, with CRLF line terminators
Size
3.3 kB (3301 bytes)
Hash
6b7939304e1bc55fac601aabffcc528d
78d1949026f76e10977bab05b743d2a540a8e255
4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/leaflet/leaflet.css HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: text/css
Content-Length: 3301
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 7c7e00a89536e0483d15bbd01fd26c6c16ef09113f037bc
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 10 Dec 2019 04:07:50 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/lib/main.css

74.208.130.208

200 OK

3.6 kB

URL GET HTTP/1.1
74.208.130.208/en/lib/main.css
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
ASCII text, with very long lines (17775), with no line terminators
Size
3.6 kB (3601 bytes)
Hash
0c22de7dd7398fc242b166bce8b3a7b5
d4bd4f90dffd3dd1d69aff0f896cc69a0f8b6f68
1f86817aa1aefbb68be378fd4bc39cd3d57bc0524d11691ddec594a83884552a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/lib/main.css HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: text/css
Content-Length: 3601
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 15ba7864bf761281b5adc070f8c0278c18eb82bf3c0456f
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 07 Apr 2024 10:47:52 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/clipboard.min.js

74.208.130.208

200 OK

3.4 kB

URL GET HTTP/1.1
74.208.130.208/res/js/clipboard.min.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10360)
Size
3.4 kB (3354 bytes)
Hash
af8ab36589315582ccdd82f22e84bffb
6371ec0a8e242395c7d4d008d2b98e472c9dcc52
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/clipboard.min.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 3354
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 769e8294c99b70c969b70fd33042da95171c23feeb028d5
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 28 Apr 2020 07:25:02 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/jquery/jquery.base64.js

74.208.130.208

200 OK

1.6 kB

URL GET HTTP/1.1
74.208.130.208/res/js/jquery/jquery.base64.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text
Size
1.6 kB (1601 bytes)
Hash
20b1c2c863902e5bda8bab936f3acaf9
1ae88b012c9af18c8b03222810f80d9b324102c2
d38111b8e9d0a7e37b99e00917719eeea05c49c2c0e4da7861ab337e92b61d9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/jquery/jquery.base64.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 1601
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 3024c2b577991aa7e69790b538a06bd1176cda33d201192
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Mon 04 Jan 2021 01:43:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/hammer.min.js

74.208.130.208

200 OK

7.3 kB

URL GET HTTP/1.1
74.208.130.208/res/js/hammer.min.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (20581)
Size
7.3 kB (7345 bytes)
Hash
15065981497259d972918a646ab771e0
f2de8453fccb34baf26d784afa965dbe8c0d1550
8a1b58d624eeb47e9e3073531a5d364e41a2e7853c052873a79917f97dd0bb44

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/hammer.min.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 7345
Connection: keep-alive
Keep-Alive: timeout=60
Etag: d027982631d4be2b6a9159b4b5e6b33018a45e23030511d
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Wed 30 Aug 2023 09:59:26 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/better-simple-slideshow.min.js

74.208.130.208

200 OK

948 B

URL GET HTTP/1.1
74.208.130.208/res/js/better-simple-slideshow.min.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (3014), with no line terminators
Size
948 B (948 bytes)
Hash
5bac2b6a795e13068eb178f9bfad3957
faf6ca68910f98f5aa7e7547cf0b786988d59729
2b7753096da1e207e133e93ee77c1489d962828b3e51b8ac47b93ac8833d9fa7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/better-simple-slideshow.min.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 948
Connection: keep-alive
Keep-Alive: timeout=60
Etag: db7b4ee17c36e48a0bb810c7447236bc175fa53c7a0bc6
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 12:56:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/jquery/jquery.min.js

74.208.130.208

200 OK

31 kB

URL GET HTTP/1.1
74.208.130.208/res/js/jquery/jquery.min.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30950 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/jquery/jquery.min.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 30950
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 1d3d00cb808e4cd5bf42ce20ab6b18cb176cda33d2015d84
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Mon 04 Jan 2021 01:43:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/ua-parser.min.js

74.208.130.208

200 OK

7.4 kB

URL GET HTTP/1.1
74.208.130.208/res/js/ua-parser.min.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (17007), with no line terminators
Size
7.4 kB (7448 bytes)
Hash
5d724b9ddb4612f0bf0d976e4f6938b1
e41679ae8ac5f0c70e4d3960beede2ae93eb9bce
7ab79340f414b11ced49cd2e2a5842caa0c7b412c2eccd037a17f5bb34948deb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/ua-parser.min.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 7448
Connection: keep-alive
Keep-Alive: timeout=60
Etag: e09c125afbcf73522a5d8fdfc725533018e576850b0426f
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 19 Mar 2024 03:50:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/bootstrap/js/bootstrap.bundle.min.js

74.208.130.208

200 OK

22 kB

URL GET HTTP/1.1
74.208.130.208/res/bootstrap/js/bootstrap.bundle.min.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
22 kB (21791 bytes)
Hash
7f389f5d2622ce2090eca7c36bcb90bc
ab27031159724e2421f6ff5c70f48e657abe9d39
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 21791
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 47a4a3532914e418bf78b5c304fd3a88176cdaaaf60148b8
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Mon 04 Jan 2021 01:51:24 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/js/leaflet/leaflet.js

74.208.130.208

200 OK

41 kB

URL GET HTTP/1.1
74.208.130.208/res/js/leaflet/leaflet.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (65325)
Size
41 kB (41062 bytes)
Hash
3d572837c18a377367dbcf67427f6fc5
ed42c792a635e57d5d3da311bc2be43be59dc58a
24e9ec66cdbc367cdf424561c6d266a9d6a562417f7a39985970fffef1738160

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/js/leaflet/leaflet.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 41062
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 2e14e66220b4afcf84f34bef998d7ae516ef09113f022d51
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 10 Dec 2019 04:07:50 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/lib/main.js

74.208.130.208

200 OK

931 B

URL GET HTTP/1.1
74.208.130.208/en/lib/main.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (2605), with no line terminators
Size
931 B (931 bytes)
Hash
1b0c4f9bbbb0a72958b9a5aca2ec88c2
d3f94b2a0ec89abcf55054dde076dbc20b7faf31
0715df6d0d64322b1146fe4a69386496bcab5b56f539cfb9c1bcf2580dbf752f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/lib/main.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 931
Connection: keep-alive
Keep-Alive: timeout=60
Etag: c77db831d9e6c8d2844c47cdbce6048018eb82c1300a2d
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 07 Apr 2024 10:48:00 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/lib/initses.js

74.208.130.208

200 OK

2.1 kB

URL GET HTTP/1.1
74.208.130.208/en/lib/initses.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (6587), with no line terminators
Size
2.1 kB (2051 bytes)
Hash
25ee1a8608f97481e78dc5c856cf6bda
f52c46f58f4370006e6e9c527555fb0756bc22f8
b6a80b76662a2468f65652a029cd4abbf0ea59d0e5973723d7b93a831c2aacb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/lib/initses.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 2051
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 41a8aaa3335bbe14c574db2b847a835818eb82c130019bb
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 07 Apr 2024 10:48:00 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/download_popup.js

74.208.130.208

200 OK

534 B

URL GET HTTP/1.1
74.208.130.208/en/download_popup.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (1725), with no line terminators
Size
534 B (534 bytes)
Hash
e5bdcfc7eae35edb3914fa8482d2eba2
b5b2dffb4fd04a303458bc57dd2cb6e184705330
51b5986d5ac44d6d519d05ac66cbfbd9845d55ef3a00d254564b215917aa54e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/download_popup.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 534
Connection: keep-alive
Keep-Alive: timeout=60
Etag: ce2c417dbeba9c462446c0700a9a30a718eb82c13006bd
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 07 Apr 2024 10:48:00 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/home.js

74.208.130.208

200 OK

1.3 kB

URL GET HTTP/1.1
74.208.130.208/en/home.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (4629), with no line terminators
Size
1.3 kB (1308 bytes)
Hash
ddbab91de3133b0d3a30b434a4134a6f
e3051b047533ec06f9518cd232c0c3fab2c79513
6790414e5bd122c87b79ab28eb77b811238819a2ffae5272713b51526a3929da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/home.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 1308
Connection: keep-alive
Keep-Alive: timeout=60
Etag: f052d2b6b90d4dffee67460664ca228718e0de6eeb01215
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 05 Mar 2024 09:17:02 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/en/lib/loginsignupreset_security.js

74.208.130.208

200 OK

2.6 kB

URL GET HTTP/1.1
74.208.130.208/en/lib/loginsignupreset_security.js
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JavaScript source, ASCII text, with very long lines (10268), with no line terminators
Size
2.6 kB (2558 bytes)
Hash
4f54bf17073beb31027bb01b62792d02
11440616aba6b0feae9bb5ffc29e258940618ee2
c621f152f0f5141fe1398091a59bd0bad779c0355b308ca86e717b118d89912a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/lib/loginsignupreset_security.js HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/javascript
Content-Length: 2558
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 890aa4fe830f1bf6e256f5ab81b8e1d18eb82c1300281c
Content-Encoding: gzip
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 07 Apr 2024 10:48:00 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/APIHomeWhite.png

74.208.130.208

200 OK

26 kB

URL GET HTTP/1.1
74.208.130.208/res/images/APIHomeWhite.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 250 x 239, 8-bit/color RGBA, non-interlaced
Size
26 kB (26055 bytes)
Hash
469b0ecaecb1d2d4516c30d7f1db9373
5c04f51b89b2256ca53c775be5e7e9d679135bce
818ad4b823dd9336833749b0ffe92808a04f29a5261c738c2939f8808f4603b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/APIHomeWhite.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 26055
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 67d2e573b3bdb459171d19d48af983df1773eb7a23065c7
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 26 Jan 2021 12:42:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/SocialLinkedin.png

74.208.130.208

200 OK

2.5 kB

URL GET HTTP/1.1
74.208.130.208/res/images/SocialLinkedin.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Size
2.5 kB (2514 bytes)
Hash
8a7d3ecafe08b3bf1d703ddb0b239867
a6d21f1f5a49e52ce7ea953d068dd95998b23d37
a19f4ef57d7ee39ad3c707b5bcb7e237a138cb8ec45550202fe56140b6fdc4e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/SocialLinkedin.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 2514
Connection: keep-alive
Keep-Alive: timeout=60
Etag: a1504586e14e94d7bbbb3ff8b63d7dd71706518e8009d2
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/SocialFacebook.png

74.208.130.208

200 OK

1.9 kB

URL GET HTTP/1.1
74.208.130.208/res/images/SocialFacebook.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Size
1.9 kB (1868 bytes)
Hash
e814613652d878afc834012e9b7bbcb9
1859537976dad4e1302865380f3345f538f66db8
ebc8b1ffead712d4ca062016461c9e97d84a3bb8d5f00755482c478eab411315

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/SocialFacebook.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 1868
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 7247f51363cecc8a9673126d583c68491706518e80074c
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/AppLogWatch.png

74.208.130.208

200 OK

3.0 kB

URL GET HTTP/1.1
74.208.130.208/res/images/AppLogWatch.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced
Size
3.0 kB (2959 bytes)
Hash
5029a37169fbb3af31804f821f8d06e3
d4030272a2ceac10447b45f640d45024da33fb09
dee6aa26f0648360403b110022b636c09ced5232faabfd84a6e195128e821951

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/AppLogWatch.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 2959
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 8544f4ffa42733e90e3538dfa4e89c731706518e800b8f
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/SocialTwitter.png

74.208.130.208

200 OK

2.6 kB

URL GET HTTP/1.1
74.208.130.208/res/images/SocialTwitter.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 34 x 34, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2573 bytes)
Hash
d3d8382f0614978d104e935723dacd06
4cbe84f723160e784616f9ff64e0a3fc81081c28
1820f70a53e20e1978c3a8f3c19ef8411a9f5c99bc4411c30e2b9d007b098fba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/SocialTwitter.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 2573
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 193077408804a06707969f1ab2a7dcfe1706518e800a0d
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/LogoDWService.png

74.208.130.208

200 OK

4.9 kB

URL GET HTTP/1.1
74.208.130.208/res/images/LogoDWService.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 176 x 66, 8-bit/color RGBA, non-interlaced
Size
4.9 kB (4898 bytes)
Hash
c79aa42895f4e39ba8606c7b306a637a
1e42a2a417a9d079c8cdc3f83e72a572cac08883
cfde27e4967d24afb65b2b02758faef02da4a1e23e3b0f018500aa58c9977d63

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/LogoDWService.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 4898
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 2b70beef529eb0bdcc66f2b243cbaccc175adf3f6001322
Cache-Control: no-cache, must-revalidate
Last-Modified: Mon 09 Nov 2020 05:00:48 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/LogoWindowsLight.png

74.208.130.208

200 OK

1.4 kB

URL GET HTTP/1.1
74.208.130.208/res/images/LogoWindowsLight.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 55 x 64, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1417 bytes)
Hash
0d8045f4629f5f648cc9b8bba932800d
1576ba68bfabf57fdacbfd5283048ff45aa861f4
43d94a513d3578108fa34164da505a3572fe845e8e184fe5fa8629e58c50a3b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/LogoWindowsLight.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 1417
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 217c02ff1fe6eccef4705ade831e1e4f1706518e800589
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/LogoLinuxLight.png

74.208.130.208

200 OK

4.4 kB

URL GET HTTP/1.1
74.208.130.208/res/images/LogoLinuxLight.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 53 x 64, 8-bit/color RGBA, non-interlaced
Size
4.4 kB (4410 bytes)
Hash
4cbc6a1abd3f8b51d23ecf95fae4798b
1b93067f772f60ffd5076e99862f07aa0add809a
e26dbb37b3f8a7cb4b1acb0bf13987343facf6ff3276a0d59d5549c05357fbe3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/LogoLinuxLight.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: image/png
Content-Length: 4410
Connection: keep-alive
Keep-Alive: timeout=60
Etag: b391659ffeb33f6811bebbb8b985a0781706518e800113a
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/fonts/montserrat/Montserrat-SemiBold.woff2

74.208.130.208

200 OK

85 kB

URL GET HTTP/1.1
74.208.130.208/res/fonts/montserrat/Montserrat-SemiBold.woff2
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 84968, version 7.13107
Size
85 kB (84968 bytes)
Hash
11fc71689da15c10498d83233c8cbb2e
857d4f4e391255cb6f97c9cc071f2b55e391483d
e638c983b30fb7f4641e3019a15c8112a1d1e7134dd2d8bb926171d95c4b2e74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/fonts/montserrat/Montserrat-SemiBold.woff2 HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/res/fonts/montserrat/Montserrat.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/octet-stream
Content-Length: 84968
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 1eb14d1b9370311b759b2a9a72ac297a16ed612ab1014be8
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu 05 Dec 2019 12:39:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/fonts/montserrat/Montserrat-Bold.woff2

74.208.130.208

200 OK

85 kB

URL GET HTTP/1.1
74.208.130.208/res/fonts/montserrat/Montserrat-Bold.woff2
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 85436, version 7.13107
Size
85 kB (85436 bytes)
Hash
58fe2032a07491d722704318e649acba
4ffc575a97f86b7c20d06664636dbc0e61d20a81
3fc85b839c1b37203eab3e81516a2f207d9e2b911578b549418c6648588f18c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/fonts/montserrat/Montserrat-Bold.woff2 HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/res/fonts/montserrat/Montserrat.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/octet-stream
Content-Length: 85436
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 2fbc6979601bc97b9f54e565fb3bbc2b16ed612d9f014dbc
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu 05 Dec 2019 12:39:50 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/LogoMacLight.png

74.208.130.208

200 OK

3.7 kB

URL GET HTTP/1.1
74.208.130.208/res/images/LogoMacLight.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 55 x 64, 8-bit/color RGBA, non-interlaced
Size
3.7 kB (3723 bytes)
Hash
85bfbef53dd335d34c46bdb18b3c850b
a402a63dd3248dfd40cd99322db8fb491a95265b
61823c9ab17100503333b911f1a229a315f783cdce7e3055541db74267dca436

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/LogoMacLight.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 3723
Connection: keep-alive
Keep-Alive: timeout=60
Etag: a7465c005377ffea15ae0bc0f3a948e41706518e800e8b
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/fonts/montserrat/Montserrat-Regular.woff2

74.208.130.208

200 OK

85 kB

URL GET HTTP/1.1
74.208.130.208/res/fonts/montserrat/Montserrat-Regular.woff2
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 85240, version 7.13107
Size
85 kB (85240 bytes)
Hash
a34a420be1193527133f0a7c11ef1113
10eab7d2df34d0368516fa7a4f16fbb9d70b0f3b
1c72e8f687e6fc9dc60bc9e0d0b6288e7f1c90bc9d0fc852df012a30eb71fb2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/fonts/montserrat/Montserrat-Regular.woff2 HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/res/fonts/montserrat/Montserrat.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/octet-stream
Content-Length: 85240
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 906ed2b5ec0484ef9a78f5feff06f33b16ed612e99014cf8
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu 05 Dec 2019 12:39:54 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow2.jpg

74.208.130.208

200 OK

50 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow2.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
50 kB (49482 bytes)
Hash
af1e9cc836fc117a6f3d4e6ac7ae37cc
4662aa0c158bc8a3197aca6fdc7ee13990de6798
815b85d464f31bfeebd4b55d5ccf71bbd76861c771154344eb7c4719ea2cc244

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow2.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 49482
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 29418b8f37bc311b317f4bc36f653671175fbcd1190c14a
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/fonts/montserrat/Montserrat-BoldItalic.woff2

74.208.130.208

200 OK

89 kB

URL GET HTTP/1.1
74.208.130.208/res/fonts/montserrat/Montserrat-BoldItalic.woff2
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 89164, version 7.13107
Size
89 kB (89164 bytes)
Hash
6bc9ec6624c7edf35856a1c6cfc8abb2
23a3d8a3fc43e1f7805a85881c09683f304247d8
8c59bd40c84caec0f643ef80b8b7be78da0c9453af73701d95504226a299a862

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/fonts/montserrat/Montserrat-BoldItalic.woff2 HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/res/fonts/montserrat/Montserrat.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:39 GMT
Content-Type: application/octet-stream
Content-Length: 89164
Connection: keep-alive
Keep-Alive: timeout=60
Etag: b03a44257dff8059b0245295ebed6f1f16ed612d22015c4c
Cache-Control: no-cache, must-revalidate
Last-Modified: Thu 05 Dec 2019 12:39:48 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow1.jpg

74.208.130.208

200 OK

50 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow1.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
50 kB (49814 bytes)
Hash
235c81f291bfd1d0bdd0ca131fbe853a
514b9fe6369b8a2719e54be883b7538d455b24a2
f52e466a426b9ed19fdfac005933f0e58e3e10a323c95b7d1ce200cb16ce46c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow1.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 49814
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 4c3f49e6c11e1fe96caf3be251e30902175fbcd1190c296
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow3.jpg

74.208.130.208

200 OK

42 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow3.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
42 kB (41865 bytes)
Hash
371f38c7676ac984623ec6069ef66718
5fe8b9444c62a1bb383a35aa6f673a8e6701daf1
5eabbbbe9f05ffbd3b83cfd1dd50d48b01725c0b3aea3673430dc92ca3c2b962

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow3.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 41865
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 5418e19842c5a1041b66e5653ad07d46175fbcd1190a389
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow5.jpg

74.208.130.208

200 OK

90 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow5.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
90 kB (90269 bytes)
Hash
b54bb0f3a0db24c2d20f4ae6199a9f10
8e781562619960a6b5644c67a3ccf0cd1a98f025
ed54d1fccbcc3d2aefacbd32a1a7060c096aa2f223d9fd5329f54e2fd4367a02

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow5.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 90269
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 9bc9fbe9603546499585a4e055b9375a175fbcd11901609d
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow6.jpg

74.208.130.208

200 OK

83 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow6.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
83 kB (82880 bytes)
Hash
88841b92fcdf1f9160fb7cc6515c9d21
88569f56de56a9a42a85f77b2884213c9a972e20
bbb77f39cb0a192c4276b71c2f291a216251c8a501e0a2f7e04784ea4643651d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow6.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 82880
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 17b16179abf3fa31822015001a8b9c88175fbcd1190143c0
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow7.jpg

74.208.130.208

200 OK

34 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow7.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
34 kB (34428 bytes)
Hash
652fb26b54784c6c20cd4e7575118de1
657dd49bae624e2ae24e95a04077a23f46174006
a857ad9829adb1c605a2818634fbb1b5b85e1626c7991d434e18934112133fd1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow7.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 34428
Connection: keep-alive
Keep-Alive: timeout=60
Etag: d8297d3ff7c0ee2a144853770befdf0b175fbcd1190867c
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/VideoYouTubeSmall.png

74.208.130.208

200 OK

977 B

URL GET HTTP/1.1
74.208.130.208/res/images/VideoYouTubeSmall.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 32 x 22, 8-bit/color RGBA, non-interlaced
Size
977 B (977 bytes)
Hash
a1dc2b968d1905741b076801a7791e16
60cb6dcfd86e1771d0b693eb4baaaec4c1800bb7
783c00fd93b48c51cd9abbd0f339e2123f84d3ce3b4f34a0a8a2d2f2825a6a26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/VideoYouTubeSmall.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 977
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 8c0f013c4a878736623c30e5b6f01b3e17d05fc5a203d1
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 09 Nov 2021 06:36:04 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/CloseVideo.png

74.208.130.208

200 OK

759 B

URL GET HTTP/1.1
74.208.130.208/res/images/CloseVideo.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
759 B (759 bytes)
Hash
446be01392a76c59ca5a79c5231673e9
ff182c97e68720ce6ffb90b8568e12c7b835c82f
78b910cf993894326dd1b5bb3879b26c39eb8946e1dfb166b3cc2a5c092e9d55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/CloseVideo.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 759
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 4fd5e2f62bd3fc0d5cd089e2d9a9ded517cd7579e002f7
Cache-Control: no-cache, must-revalidate
Last-Modified: Sun 31 Oct 2021 05:13:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/AppDesktop.png

74.208.130.208

200 OK

2.3 kB

URL GET HTTP/1.1
74.208.130.208/res/images/AppDesktop.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced
Size
2.3 kB (2325 bytes)
Hash
cd26f32a9f5a5d3875a353cdfc83b958
7d04e59f74bcfd3a7549909090a68e119fdd7c6c
6078f0b047e62c5023ceec7d244f524426d720dd8bb799aeaa060c56b49ecdc3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/AppDesktop.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 2325
Connection: keep-alive
Keep-Alive: timeout=60
Etag: e55478c77f861a9006bf5725382793d01706518e800915
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/AppFileSystem.png

74.208.130.208

200 OK

2.2 kB

URL GET HTTP/1.1
74.208.130.208/res/images/AppFileSystem.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2246 bytes)
Hash
da4a889fbc4c8ba90bee0f8eeeefd8e6
79e73ade770480b8399cb260af9c0ed9e71897e8
5aef456acb547bd715fefc48dc788ab94f3f7b477e8bdd9a8b2b5192c77cae8c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/AppFileSystem.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 2246
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 3fa9631a38215f85acabc73d5e86fdaf1706518e8008c6
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow8.jpg

74.208.130.208

200 OK

118 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow8.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
118 kB (117703 bytes)
Hash
cba29e596856404dd9a99e804e5a1131
f606e023aa53af154a8da41543b662bafc43a237
b334f99c002f8c12a7c27e681db184c50096e8cafb29f061b0daba447bfffbc8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow8.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 117703
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 3a991c670a54fbddab4fffb6bd54d468175fbcd11901cbc7
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/AppResource.png

74.208.130.208

200 OK

2.8 kB

URL GET HTTP/1.1
74.208.130.208/res/images/AppResource.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2823 bytes)
Hash
5bca1c4eff8c1e2631313fd1e422bf16
64c5600af374c7aba8c15aa34b2997bb3f0c2a61
a03ef27c2c4c3df8645601da3f6d99fc5bfd296348a16167fe14f1c72a0e893b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/AppResource.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 2823
Connection: keep-alive
Keep-Alive: timeout=60
Etag: ffde8119ed088c5248b842350c94a7611706518e800b07
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/overview/slideshow4.jpg

74.208.130.208

200 OK

127 kB

URL GET HTTP/1.1
74.208.130.208/res/images/overview/slideshow4.jpg
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 102x102, segment length 16, comment: "Created with GIMP", progressive, precision 8, 1280x720, components 3
Size
127 kB (126893 bytes)
Hash
735bff1b5b2f38a825cc0a97b1af3420
0ac0a6a34c2b4d5b7164617c5ab2e99f21d3c923
70278f11e3db930043caa316e2d3a8d96e6e0b66053be7715d1046176ecee72e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/overview/slideshow4.jpg HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/jpeg
Content-Length: 126893
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 4f35e11b5c516f418fe6f263b37931bf175fbcd11901efad
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 24 Nov 2020 07:48:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/AppShell.png

74.208.130.208

200 OK

2.8 kB

URL GET HTTP/1.1
74.208.130.208/res/images/AppShell.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced
Size
2.8 kB (2817 bytes)
Hash
8b5d01815dbfcb5b102918501d4e0937
41e84a8084473f9f9b0a439fa2f65e40ba9f0969
30a94806bfd90d6baba2185b193b7fed11223cb636a1877399c15b0389443595

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/AppShell.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 2817
Connection: keep-alive
Keep-Alive: timeout=60
Etag: f0789ebf00d45013c5fb8bcd267cf2d11706518e800b01
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/AppTextEditor.png

74.208.130.208

200 OK

2.7 kB

URL GET HTTP/1.1
74.208.130.208/res/images/AppTextEditor.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced
Size
2.7 kB (2744 bytes)
Hash
938b7d4500490d60ec469bd97aa122fc
7c8f4b433f18a45e3b40144fe2e8d55d2f3e48ec
e54a0cdbc62765c1735f56246adaf202047fd343f34c4f5f47a311d34984d4af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/AppTextEditor.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 2744
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 25acf33b4ab2f98fbbe8439bdb5640611706518e800ab8
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/LogoLinuxDark.png

74.208.130.208

200 OK

2.1 kB

URL GET HTTP/1.1
74.208.130.208/res/images/LogoLinuxDark.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 53 x 64, 8-bit/color RGBA, non-interlaced
Size
2.1 kB (2106 bytes)
Hash
16ad3a35cbed3618f4b2da879a71d51e
de98a6d6c089ebe54c556a852af442343d65078a
26d85cc2966ca92a2f6fa519c983222e6ef45f2a6a0afda3f27bcc660ee3d410

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/LogoLinuxDark.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 2106
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 354d419f360362432c5b1c059efbceac1706518e80083a
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 21 Feb 2020 12:14:56 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/DownloadGooglePlayStoreQRCode.png

74.208.130.208

200 OK

76 kB

URL GET HTTP/1.1
74.208.130.208/res/images/DownloadGooglePlayStoreQRCode.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 1113 x 1113, 8-bit/color RGB, non-interlaced
Size
76 kB (76028 bytes)
Hash
9cdb0affe100da3240001df2b9a3b58e
eac05de235531c47d259dfe95e8c551cb38011a8
9f785e6c1258265cceb542c19171ad1ee6f534b49173fe5ff9e48a24e4eef61b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/DownloadGooglePlayStoreQRCode.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 76028
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 3f019097455bd9a4bea9eb248258a55e184f7a92bd0128fc
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 09 Dec 2022 04:12:50 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/CopyLink.png

74.208.130.208

200 OK

933 B

URL GET HTTP/1.1
74.208.130.208/res/images/CopyLink.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
Size
933 B (933 bytes)
Hash
384495a5b5af9e3fa8adf87a7ac11625
bcb7f559bb76532a36924d9f4ec6cae032e43ce5
d74dd92204adc9c49bf1857532db427c5fc62f77119e85cb224ada62d63fdf1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/CopyLink.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 933
Connection: keep-alive
Keep-Alive: timeout=60
Etag: fbd093dcdd9d00675dd454db566de2d5171c24d6bd03a5
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 28 Apr 2020 07:39:46 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/res/images/DownloadGooglePlayStore.png

74.208.130.208

200 OK

9.8 kB

URL GET HTTP/1.1
74.208.130.208/res/images/DownloadGooglePlayStore.png
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
PNG image data, 180 x 53, 8-bit/color RGBA, non-interlaced
Size
9.8 kB (9775 bytes)
Hash
546e9849c1142d3ac10b2567ac2bdf89
f3efd2baa58e6ea203eb1803097cadd3db5e4a11
775bb17fb1b9a733b6f33fae2f52b15ce5aa62717797c534370ae85399ee0867

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /res/images/DownloadGooglePlayStore.png HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 16 Apr 2024 06:10:40 GMT
Content-Type: image/png
Content-Length: 9775
Connection: keep-alive
Keep-Alive: timeout=60
Etag: 1e02395c59e4fe2fbfe0fae3d832372183b3c2d610262f
Cache-Control: no-cache, must-revalidate
Last-Modified: Fri 07 Oct 2022 06:43:54 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: deny

74.208.130.208/favicon.ico

74.208.130.208

404 Not Found

189 B

URL GET HTTP/1.1
74.208.130.208/favicon.ico
IP
74.208.130.208:443
ASN
#8560 IONOS SE

Requested by
https://74.208.130.208/en/home.html
Certificate
IssuerLet's Encrypt
Subjectdwservice.net
Fingerprint75:65:C2:4F:C3:6D:50:D3:7D:FF:35:B2:B2:67:C9:0A:B8:F6:3E:C6
ValiditySat, 23 Mar 2024 14:33:13 GMT - Fri, 21 Jun 2024 14:33:12 GMT

File type
HTML document, ASCII text, with no line terminators
Size
189 B (189 bytes)
Hash
c9f6f82c0b1e2d6eb40294f876eac55e
abe89f9bfb756bbdfb2f535420e10bb5625eb4e2
9dcc361cf979ea9471e1076ab30724c665229614d2d7432dfe9127c8b6d3a443

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 74.208.130.208
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://74.208.130.208/en/home.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 16 Apr 2024 06:10:42 GMT
Content-Type: text/html
Content-Length: 189
Connection: keep-alive
Keep-Alive: timeout=60
Cache-Control: no-cache, must-revalidate
Last-Modified: Tue 16 Apr 2024 06:10:40 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML