Report - loadingbrick541.netlify.app/toshiba-flashair-app

Report Overview

Submitted URL
loadingbrick541.netlify.app/toshiba-flashair-app
IP
52.58.254.253
ASN
#16509 AMAZON-02
Submitted
2024-04-24 14:09:58
Access
public
Website Title
Toshiba Flashair App
Final URL
loadingbrick541.netlify.app/toshiba-flashair-app
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
basic-tutorials.de	unknown	unknown	2013-09-05	2024-01-30	473 B	81 kB	45.136.29.41
loadingbrick541.netlify.app	unknown	unknown	No data	No data	1.4 kB	121 kB	52.58.254.253
13.cdn.ekm.net	unknown	unknown	2022-08-08	2022-10-22	507 B	370 B	54.230.111.67
subcari.info	unknown	2021-02-17	2021-02-17	2024-03-12	568 B	3.2 kB	104.21.76.140
indejs.space	unknown	unknown	2020-12-05	2023-01-07	442 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	indejs.space	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	loadingbrick541.netlify.app/toshiba-flashair-app	16 kB	2024-04-24	2024-04-24
Pretty URL loadingbrick541.netlify.app/toshiba-flashair-app IP 52.58.254.253 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 16:10:06 Last Seen2024-04-24 16:10:06 Times Seen1 Hash 21d030cfd464cdd1dd327c9eace6df5e 72d481f6808005e8349b8aa1b66d529a732adcdf 94708e937ee72f91795e43cc576529ada9567e003c086399f110503d50bf3628 Loading...

	unknown	326 B	2024-04-24	2024-04-24
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-04-24 16:10:06 Last Seen2024-04-24 16:10:06 Times Seen1 Hash 256c7718c3d6b2c27bae26e809503a92 395e07e6cc5ffa14a5cf6e95f157279ee12fbba2 87b046150329ecd661b66a091e529c04ca89a8b61f964ae3b55440566e91a2eb Loading...

	loadingbrick541.netlify.app/toshiba-flashair-app	568 B	2024-04-24	2024-04-24
Pretty URL loadingbrick541.netlify.app/toshiba-flashair-app IP 52.58.254.253 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 16:10:06 Last Seen2024-04-24 16:10:06 Times Seen1 Hash 3751be5099ab47c0863bf1ead7afdbc8 9bee2e61c4aa2808ad4982fe2f4cfd7d6ca63431 917dd07ea4fdd2cdc1a1f21c4e09c54f251be0a8362b29d5e482a35d752e69d8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - d4cb11f5d2101fc5d2d2691c7573b79d	1.5 kB	2024-04-24	2024-04-24
Pretty Observations First Seen2024-04-24 16:10:06 Last Seen2024-04-24 16:10:06 Times Seen2 Hash d4cb11f5d2101fc5d2d2691c7573b79d 62f0cfe7a66ff571eac1dcbe6e6a4bd505c70122 bf5ba89d09efa2bbad0254fe1ec2294555f3387c2f11e3a8abdcf8002fecb3c0 Loading...

	#2 Eval - 57c255e9e5a344d54c42e825fee71bf9	176 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 12:03:20 Last Seen2024-05-04 13:21:34 Times Seen191 Hash 57c255e9e5a344d54c42e825fee71bf9 1e47d2deb09cf81d7a4811cbd24620b5310fdf89 9bea87171bca01d8f7aa0c7d34a5fc8f41e6483136f990056ed6413eb87c5934 Loading...

HTTP Transactions (7)

URL IP Response Size

loadingbrick541.netlify.app/toshiba-flashair-app

52.58.254.253

200 OK

85 kB

URL User Request GET HTTP/2
loadingbrick541.netlify.app/toshiba-flashair-app
IP
52.58.254.253:443
ASN
#16509 AMAZON-02

Certificate
IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (18383), with CRLF line terminators
Size
85 kB (84731 bytes)
Hash
e50c26b2c26253f0aa7471fb59592f44
b0c90821b059a907152668f98d45fc197d423e19
33b59762cde87e101a18f7ac9a1197fa2a08c9acc1ad6f58fed198eeb1904712

HTTP Headers

GET /toshiba-flashair-app HTTP/1.1
Host: loadingbrick541.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 14:09:33 GMT
etag: "d054da29b8828115645cc67d6c7a9934-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HW871DHAZHVJN8PMMJBJ7TDP
X-Firefox-Spdy: h2

13.cdn.ekm.net/ekmps/shops/ckwon/images/toshiba-flashair-ii-wireless-sd-card-w-02--[3]-573-p.jpg?v=1

54.230.111.67

404 Not Found

0 B

URL GET HTTP/2
13.cdn.ekm.net/ekmps/shops/ckwon/images/toshiba-flashair-ii-wireless-sd-card-w-02--[3]-573-p.jpg?v=1
IP
54.230.111.67:443
ASN
#16509 AMAZON-02

Requested by
https://loadingbrick541.netlify.app/toshiba-flashair-app
Certificate
IssuerAmazon
Subject*.cdn.ekm.net
FingerprintC9:E3:88:57:11:AE:D6:CC:1A:1C:22:35:2F:18:BF:1C:90:17:EF:10
ValidityFri, 16 Feb 2024 00:00:00 GMT - Sun, 16 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ekmps/shops/ckwon/images/toshiba-flashair-ii-wireless-sd-card-w-02--[3]-573-p.jpg?v=1 HTTP/1.1
Host: 13.cdn.ekm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadingbrick541.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-length: 0
cache-control: max-age=31536000
server: 
date: Wed, 24 Apr 2024 14:09:22 GMT
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4lLHjjZwvNja-iZ9IzpkrSLbS49e87Xwziy8T8MeHTUgtv3XbuhFow==
X-Firefox-Spdy: h2

subcari.info/?VD=BQRFRAJWXV0BRgNRCQUHBA8LVlxKRg1EX1lbWU1RX1kSXVJfExtVSBMfBlUIGQJPIQoPCwsZNlhHGwsUSg8dClEHAhpTHAYUBl0aMWoZHk8XBhkQFRdRVhIDWGs=

104.21.76.140

200 OK

2.3 kB

URL GET HTTP/2
subcari.info/?VD=BQRFRAJWXV0BRgNRCQUHBA8LVlxKRg1EX1lbWU1RX1kSXVJfExtVSBMfBlUIGQJPIQoPCwsZNlhHGwsUSg8dClEHAhpTHAYUBl0aMWoZHk8XBhkQFRdRVhIDWGs=
IP
104.21.76.140:443
ASN
#13335 CLOUDFLARENET

Requested by
https://loadingbrick541.netlify.app/toshiba-flashair-app
Certificate
IssuerGoogle Trust Services LLC
Subjectsubcari.info
Fingerprint60:E0:D3:75:DB:60:C2:AB:29:45:BA:7F:DC:CB:5F:2E:10:0E:21:BC
ValidityWed, 03 Apr 2024 09:32:15 GMT - Tue, 02 Jul 2024 09:32:14 GMT

File type
ASCII text, with very long lines (619)
Size
2.3 kB (2271 bytes)
Hash
d4cb11f5d2101fc5d2d2691c7573b79d
62f0cfe7a66ff571eac1dcbe6e6a4bd505c70122
bf5ba89d09efa2bbad0254fe1ec2294555f3387c2f11e3a8abdcf8002fecb3c0

HTTP Headers

GET /?VD=BQRFRAJWXV0BRgNRCQUHBA8LVlxKRg1EX1lbWU1RX1kSXVJfExtVSBMfBlUIGQJPIQoPCwsZNlhHGwsUSg8dClEHAhpTHAYUBl0aMWoZHk8XBhkQFRdRVhIDWGs= HTTP/1.1
Host: subcari.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadingbrick541.netlify.app
DNT: 1
Connection: keep-alive
Referer: https://loadingbrick541.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 14:09:33 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://loadingbrick541.netlify.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-allow-credentials: true
access-control-max-age: 86400
set-cookie: KShDQjVaGN=1.1714054173; expires=Thu, 25-Apr-2024 14:09:33 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfxKGbiYoMxpTyol%2FoULzm9S8qs5oYJWB2hKxWEx9jNuWFIiLzHOrQSmqOIKt0s31axrJZyjRQ8AmtExu%2BksandbAyB5yLbtsN6lCQpY%2Fmog5qpaGr9moIK2UvWj4nA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8796abfa5cd556c3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

indejs.space/

0.0.0.0

0 B

URL GET
indejs.space/
IP
0.0.0.0:0
ASN
#0

Requested by
https://loadingbrick541.netlify.app/toshiba-flashair-app

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: indejs.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://loadingbrick541.netlify.app
DNT: 1
Connection: keep-alive
Referer: https://loadingbrick541.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

loadingbrick541.netlify.app/favicon.ico

52.58.254.253

200 OK

1.7 kB

URL GET HTTP/2
loadingbrick541.netlify.app/favicon.ico
IP
52.58.254.253:443
ASN
#16509 AMAZON-02

Requested by
https://loadingbrick541.netlify.app/toshiba-flashair-app
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1678 bytes)
Hash
8194c47e95d2e6bfd23e5f062f657db6
0068aed6cf672f980784a0b195acdda321b3a9f5
49570b5b0435e50e5131ea69027ae56747e869141cafe247563af792d411faf5

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: loadingbrick541.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadingbrick541.netlify.app/toshiba-flashair-app
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 1
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-type: image/vnd.microsoft.icon
date: Wed, 24 Apr 2024 14:09:34 GMT
etag: "f7247476e5ed4f3d50fea2a359f25b5e-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HW871E82PHGXAGMMPKVBGBXG
content-length: 1678
X-Firefox-Spdy: h2

loadingbrick541.netlify.app/style.css

52.58.254.253

200 OK

33 kB

URL GET HTTP/2
loadingbrick541.netlify.app/style.css
IP
52.58.254.253:443
ASN
#16509 AMAZON-02

Requested by
https://loadingbrick541.netlify.app/toshiba-flashair-app
Certificate
IssuerDigiCert Inc
Subject*.netlify.app
FingerprintB0:8E:E9:A5:C3:D9:B5:C1:FF:B6:51:7A:DF:98:CF:2D:28:18:41:9B
ValidityMon, 15 Jan 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
33 kB (33094 bytes)
Hash
0a59d209ffd876d4bab5cc0e625c9780
dc876070fd8f6af48cd6d6d9dd53f66eb17c60e0
902b114e03fcdafe9a81c11c77bb0930b81581fe7b81b7c5afdb2ec4f9363ac5

HTTP Headers

GET /style.css HTTP/1.1
Host: loadingbrick541.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadingbrick541.netlify.app/toshiba-flashair-app
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; fwd=miss
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 24 Apr 2024 14:09:33 GMT
etag: "ae8ecbe3ae2621d52c93644edd4e1e20-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HW871DX7DQJVJA8EZAXWYZMT
X-Firefox-Spdy: h2

basic-tutorials.de/wp-content/uploads/2015/10/FlashAir-Karte.jpg

45.136.29.41

200 OK

81 kB

URL GET HTTP/2
basic-tutorials.de/wp-content/uploads/2015/10/FlashAir-Karte.jpg
IP
45.136.29.41:443
ASN
#197540 netcup GmbH

Requested by
https://loadingbrick541.netlify.app/toshiba-flashair-app
Certificate
IssuerLet's Encrypt
Subjectbasic-tutorials.de
Fingerprint73:D5:E3:C5:6B:6F:67:86:90:9C:C5:AA:1B:A5:DE:4B:67:78:94:7A
ValiditySun, 18 Feb 2024 18:56:56 GMT - Sat, 18 May 2024 18:56:55 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", baseline, precision 8, 3000x2000, components 3
Size
81 kB (80762 bytes)
Hash
ae70ca347553fa5eeb4f5c10dfa89fa5
c6a8fdeb28e193a902698b0c6082d374af270328
144ed71c1e4c6721beae9e99557cbc18c142d117a13bb81b6599f1246871938e

HTTP Headers

GET /wp-content/uploads/2015/10/FlashAir-Karte.jpg HTTP/1.1
Host: basic-tutorials.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loadingbrick541.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 14:09:33 GMT
content-type: image/jpeg
content-length: 80762
last-modified: Fri, 28 Aug 2020 05:00:40 GMT
etag: "5f488f78-13b7a"
expires: Thu, 24 Apr 2025 14:09:33 GMT
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (7)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type