Report - 45.148.121.53/~frivarch/

Report Overview

Visited public
2024-07-23 10:45:10
Tags
URL
45.148.121.53/~frivarch/
Finishing URL
45.148.121.53/~frivarch/
IP / ASN
45.148.121.53
#64425 SKB Enterprise B.V.
Title
Friv Old Menu, Friv Legends & Classic (Non-Profit Project)

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-22 18:12:14	1.6 kB	4.4 kB	23.36.77.32
45.148.121.53	unknown	unknown	No data	No data	28 kB	1.4 MB	45.148.121.53
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-07-22 18:21:53	1.3 kB	2.8 kB	142.250.74.131
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2024-07-22 18:52:09	419 B	104 kB	142.250.74.168
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2024-07-22 22:30:13	425 B	789 B	142.250.74.130

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-07-23 10:44:32	medium	45.148.121.53	Client IP	ET DROP Spamhaus DROP Listed Traffic Inbound group 5

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed
2024-07-23	medium	45.148.121.53	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	45.148.121.53/~frivarch/	ScriptElement	176 B	2024-08-19	2024-08-19
Pretty URL 45.148.121.53/~frivarch/ IP 45.148.121.53 ASN #64425 SKB Enterprise B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 16:00 Last Seen2024-08-19 16:00 Times Seen1 Hash 8ce258abcc58c3f380025083956f406d 66d9804fc35bc7e492679c427c967925a72a755e 825888c4239b7c19f9f41edabfec022daba99c86f23847d1c1577b02fae73e9e Loading...

	45.148.121.53/~frivarch/public/js/jquery.min.js	ScriptElement	96 kB	2023-03-07	2024-08-19
Pretty URL 45.148.121.53/~frivarch/public/js/jquery.min.js IP 45.148.121.53 ASN #64425 SKB Enterprise B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17 Last Seen2024-08-19 16:00 Times Seen1 Hash 646aa9b014846ffbf6abe161577f397f b8a348cd3a77f709882ae4b3d808b4b38bffe6d0 8c3182c4aeb910e8ddbbc2ca9d85b87c4a672a960b04523751cab59bc10c9a36 Loading...

	45.148.121.53/~frivarch/	ScriptElement	153 B	2024-08-19	2024-08-19
Pretty URL 45.148.121.53/~frivarch/ IP 45.148.121.53 ASN #64425 SKB Enterprise B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 16:00 Last Seen2024-08-19 16:00 Times Seen1 Hash 7cb6249fbd7ba0bdd023b9ebb3ce4d84 dd8a0a5db79a4c68a31c8f4a80a58b8ed9916669 9b29bc2ff904dc36bdc239c081933e0a73a8104f8acd5cfb4c46072eee7fa4de Loading...

	45.148.121.53/~frivarch/public/js/app.js?w=9	ScriptElement	9.5 kB	2024-08-19	2024-08-19
Pretty URL 45.148.121.53/~frivarch/public/js/app.js?w=9 IP 45.148.121.53 ASN #64425 SKB Enterprise B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:00 Last Seen2024-08-19 16:00 Times Seen1 Hash e085a18d97c18c886f7255772940f604 bc89e36216db2d85303a9c9be57314b84b6caecd 12f47b87d5ba69bcbdb505e0d343cb9d1a45c0e5b60cbd580f6602da487c1e95 Loading...

	www.googletagmanager.com/gtag/js?id=G-R2M2MKDVGT	ScriptElement	312 kB	2024-08-19	2024-08-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-R2M2MKDVGT IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-19 16:00 Last Seen2024-08-19 16:00 Times Seen1 Hash 7ac66984f3e95690abe4829dda886535 7b6823b6e4b02af860f2009540312e22cc38c92f b0dd4b9521cdb82a2caef48bdb418fc3bb85fd9c403b755e2b32f08183c210b5 Loading...

HTTP Transactions (37)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
3bd6a6d19bf0ab70e4e0cd3d2833afe1
0dd2ee68cf939d2482a9b30bf767f412eb97e492
23c60c02f8a6f1f7fe01f9f4661cf04a03c046522201927dfa7c51ceba6c5449

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "23C60C02F8A6F1F7FE01F9F4661CF04A03C046522201927DFA7C51CEBA6C5449"
Last-Modified: Sat, 20 Jul 2024 20:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11645
Expires: Tue, 23 Jul 2024 13:58:37 GMT
Date: Tue, 23 Jul 2024 10:44:32 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
924327fa04d108458b0225e7ebe4183b
93e78c953751bfdf53094ddb3cce58550d953bbf
8b733a635618582dda467895c8500629631e4e1b57fa0a2005ed094ca7eae3cf

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8B733A635618582DDA467895C8500629631E4E1B57FA0A2005ED094CA7EAE3CF"
Last-Modified: Tue, 23 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15748
Expires: Tue, 23 Jul 2024 15:07:00 GMT
Date: Tue, 23 Jul 2024 10:44:32 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a3c611a5284d44a90e480768ae5bddec
b403635d82747515139fb262c717283d0f23500c
47728d98a42f446eba80ebc8f2ecf23b7c715054884ca16d357d1d301a441768

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "47728D98A42F446EBA80EBC8F2ECF23B7C715054884CA16D357D1D301A441768"
Last-Modified: Tue, 23 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11357
Expires: Tue, 23 Jul 2024 13:53:49 GMT
Date: Tue, 23 Jul 2024 10:44:32 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fd115439890c93cffca20c1e8e57d7e9
ac392d605dbe2ebd22d7c5fbad07e8c52d77ea5c
6880e7942c7d7fd202d5fa27f05d9bf4d326a927c8017d7eb3fe8935bca9315d

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6880E7942C7D7FD202D5FA27F05D9BF4D326A927C8017D7EB3FE8935BCA9315D"
Last-Modified: Tue, 23 Jul 2024 07:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11228
Expires: Tue, 23 Jul 2024 13:51:41 GMT
Date: Tue, 23 Jul 2024 10:44:33 GMT
Connection: keep-alive

45.148.121.53/~frivarch/

45.148.121.53

3.0 kB

URL User Request GET
45.148.121.53/~frivarch/
IP
45.148.121.53:0
ASN
#64425 SKB Enterprise B.V.

File type
HTML document, ASCII text, with very long lines (435), with CRLF, LF line terminators
Size
3.0 kB (3006 bytes)
Hash
bc02056f1cad912e4b065ca3ed7b6f64
2a78ad5a99ac80aed67ac527861013b0edb7c8c4
50c0ec61607101d2a627150e315f9f233b558f089e9d9cca8f4277eacff3ce61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch/ HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
set-cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; expires=Tue, 23-Jul-2024 12:44:32 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D; expires=Tue, 23-Jul-2024 12:44:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch/public/css/app.css?q=62

45.148.121.53

200 OK

2.8 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch/public/css/app.css?q=62
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
ASCII text, with very long lines (446)
Size
2.8 kB (2777 bytes)
Hash
179751e6b16638d91f7a4285a5e388e3
557eb34d74c89533b86486f29cd2d484abc3affb
df14c3fbc218ee0ddaa7567ccbb278038a9a95350cc6f374c1e77fa92e70708f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch/public/css/app.css?q=62 HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public, must-revalidate
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: text/css
last-modified: Wed, 25 Oct 2023 02:30:33 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2777
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch/public/js/app.js?w=9

45.148.121.53

200 OK

3.3 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch/public/js/app.js?w=9
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JavaScript source, ASCII text, with very long lines (2069)
Size
3.3 kB (3307 bytes)
Hash
e085a18d97c18c886f7255772940f604
bc89e36216db2d85303a9c9be57314b84b6caecd
12f47b87d5ba69bcbdb505e0d343cb9d1a45c0e5b60cbd580f6602da487c1e95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch/public/js/app.js?w=9 HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public, must-revalidate
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: application/javascript
last-modified: Thu, 16 Nov 2023 04:09:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3307
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/games/April2023/4IzmYgIvyAbFdng8q6VY.jpg

45.148.121.53

200 OK

9.7 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/games/April2023/4IzmYgIvyAbFdng8q6VY.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 100x100, components 3
Size
9.7 kB (9695 bytes)
Hash
7f5ef9b97299065008d1a650184f3eac
7cd8f632e4929ae307bd1ebf957e21531a9afaed
c6e064eb7c8de9e3fcd451c66826efd29771d50c13a14d30d8f849ececcec0d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/games/April2023/4IzmYgIvyAbFdng8q6VY.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 25 Apr 2023 19:36:28 GMT
accept-ranges: bytes
content-length: 9695
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch/public/js/jquery.min.js

45.148.121.53

200 OK

34 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch/public/js/jquery.min.js
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JavaScript source, ASCII text, with very long lines (65483)
Size
34 kB (34174 bytes)
Hash
646aa9b014846ffbf6abe161577f397f
b8a348cd3a77f709882ae4b3d808b4b38bffe6d0
8c3182c4aeb910e8ddbbc2ca9d85b87c4a672a960b04523751cab59bc10c9a36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch/public/js/jquery.min.js HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=604800, public, must-revalidate
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: application/javascript
last-modified: Thu, 18 Jun 2020 09:36:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 34174
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/games/November2021/ZNaAWRaMCQ5jPAerJkd5.jpg

45.148.121.53

200 OK

13 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/games/November2021/ZNaAWRaMCQ5jPAerJkd5.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 100", baseline, precision 8, 100x100, components 3
Size
13 kB (12947 bytes)
Hash
b0655a366e0517cd4245ef6f55056da0
23a02081ad510ee50786b433b3b3a4bc3b53e2d8
78ddeaba9ba7e6db0af56dca9b3da23fd252a26e6b83499ca5a5cd7fe247b4b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/games/November2021/ZNaAWRaMCQ5jPAerJkd5.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Mon, 15 Nov 2021 21:57:48 GMT
accept-ranges: bytes
content-length: 12947
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/games/September2023/hQHgpZ37sY37TOVjuZz4.jpg

45.148.121.53

200 OK

7.5 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/games/September2023/hQHgpZ37sY37TOVjuZz4.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 100x100, components 3
Size
7.5 kB (7496 bytes)
Hash
5e2ff9c1b8bc38f90e8b6ffe00b0c3c1
bb87564f8981d2ef4524b69d1815d49941b2cb59
4c676b53d6c9a5386b60eab0e8b1428a8c727764d21722571ec3d46183d5547e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/games/September2023/hQHgpZ37sY37TOVjuZz4.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Fri, 22 Sep 2023 03:04:14 GMT
accept-ranges: bytes
content-length: 7496
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/games/September2023/j2evCcWsQcU5JjuoCBRL.jpg

45.148.121.53

200 OK

14 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/games/September2023/j2evCcWsQcU5JjuoCBRL.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 100x100, components 3
Size
14 kB (14329 bytes)
Hash
591685bc00befd0bd57e9b34994046a5
17b51392a19d8e3dba0d399ce62a07486203f009
9e8bc974a996757b9be6b0c41f49b8a10de0711aed7ecaddefb71a81ada790e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/games/September2023/j2evCcWsQcU5JjuoCBRL.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Fri, 22 Sep 2023 03:29:28 GMT
accept-ranges: bytes
content-length: 14329
date: Tue, 23 Jul 2024 10:44:32 GMT

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e8a7467beda442c6a1de9d9ccc7f5985
86d738ef6b12afa41c23e4f6b8d40ed1fdbd5c9e
4a9d8b8aeca0b5c291f41707324f54287bcaeb950d6ea242e55ced12181f31eb

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 10:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

45.148.121.53/~frivarch//public/storage/games/November2021/4wkQTdBswwWUdqNACc3M.jpg

45.148.121.53

200 OK

13 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/games/November2021/4wkQTdBswwWUdqNACc3M.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 100", baseline, precision 8, 100x100, components 3
Size
13 kB (13054 bytes)
Hash
c2a88d653eb459de5b45221b1030c3ab
290e29baaaa16b7a32012dc1687984b3ec325dbf
40c6f716687762a88e5d9f6a6befd5a52e46472967763ed6bce60ecf1f8cd5bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/games/November2021/4wkQTdBswwWUdqNACc3M.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Thu, 18 Nov 2021 01:49:12 GMT
accept-ranges: bytes
content-length: 13054
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/cflb473kVMWkkU1zoHo5.jpg

45.148.121.53

200 OK

44 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/cflb473kVMWkkU1zoHo5.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 244x665, components 3
Size
44 kB (43980 bytes)
Hash
5f259df0341c12a46543250c24aa0c05
f86547246a697f3f272770133996226d2127780c
2411423710ce60c386f853b26dd28acbcf2bceebbe0b1c9fb67bc1ccc0b66bc0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/cflb473kVMWkkU1zoHo5.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 09:07:26 GMT
accept-ranges: bytes
content-length: 43980
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/8To8jEcX2410XMy6VgtQ.jpg

45.148.121.53

200 OK

40 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/8To8jEcX2410XMy6VgtQ.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 281x504, components 3
Size
40 kB (39599 bytes)
Hash
79f7c48803ae62c0e98a0e143e74c7f4
6d929eb0202671448c1a09f155671c14077f3b63
0a76ce45b6ff28efeac24cd22cc345da79d9286df3384a22e33ce95744ef4060

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/8To8jEcX2410XMy6VgtQ.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 12:09:56 GMT
accept-ranges: bytes
content-length: 39599
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/PLpJnTxlYlCeiNYbH09A.jpg

45.148.121.53

200 OK

45 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/PLpJnTxlYlCeiNYbH09A.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 707x1449, components 3
Size
45 kB (44782 bytes)
Hash
2a01b290296a05ac122385a2b9b343f0
07e67086e6a89bd82b168a61267b9cbc7c4aba49
c7aebe005de3bf6e4af5717d607547eb1d9112b498dabb6aa51e9fd8fd3fe2b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/PLpJnTxlYlCeiNYbH09A.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:20:30 GMT
accept-ranges: bytes
content-length: 44782
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/35mmIJ3vNGQGYkJlH93P.jpg

45.148.121.53

200 OK

65 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/35mmIJ3vNGQGYkJlH93P.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 283x671, components 3
Size
65 kB (65316 bytes)
Hash
1abb62e98913c7a23ba44ab32fcc68e8
7614f6294630d621b13d8a96a654e5fa51b6a49c
85a441ea814b59cb4c362efc9f832a874d767425e299a9cfee6d78d2e63be644

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/35mmIJ3vNGQGYkJlH93P.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 12:00:54 GMT
accept-ranges: bytes
content-length: 65316
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/FfINTBCoMiq1rSUH2vQ1.jpg

45.148.121.53

200 OK

87 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/FfINTBCoMiq1rSUH2vQ1.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 631x853, components 3
Size
87 kB (87179 bytes)
Hash
46fea56da8dfc5e6ef1b1fc3bb3167a0
98f1d6d4094264b774b77af238dcd5aa7d164091
f3fa3f997d813e1672c60c440e34faf2656c404fb4ab2b8915184ef92af211c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/FfINTBCoMiq1rSUH2vQ1.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:28:26 GMT
accept-ranges: bytes
content-length: 87179
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/ZBkYU12MN6JaTzgvW4J6.jpg

45.148.121.53

200 OK

46 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/ZBkYU12MN6JaTzgvW4J6.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 707x1449, components 3
Size
46 kB (45475 bytes)
Hash
cafd108c1ffc9b918f7878163338f2c7
985e9eecc8c72a117ecfd29c5609af655aec4dee
5f7dfdaa5ebb3e8481bca4d53f6223501a2c588a06f5fb75fcb0ff90e13f92df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/ZBkYU12MN6JaTzgvW4J6.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:22:08 GMT
accept-ranges: bytes
content-length: 45475
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch/public/fonts/LEMONMILK-Bold.otf

45.148.121.53

200 OK

35 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch/public/fonts/LEMONMILK-Bold.otf
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
OpenType font data
Size
35 kB (34596 bytes)
Hash
8daf0546ac7662756f96d34988f75b4d
91cef6e742a3816c1f01f41ad039dc401bf6c968
07050370cce15356c771df836dc18e156b82209a3c6376ecd2ca846cf726c7be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch/public/fonts/LEMONMILK-Bold.otf HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/public/css/app.css?q=62
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: font/otf
last-modified: Wed, 15 Jan 2020 04:10:56 GMT
accept-ranges: bytes
content-length: 34596
date: Tue, 23 Jul 2024 10:44:32 GMT

www.googletagmanager.com/gtag/js?id=G-R2M2MKDVGT

142.250.74.168

200 OK

104 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-R2M2MKDVGT
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://45.148.121.53/~frivarch/
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintB3:23:88:EF:34:69:5A:0C:81:CE:02:E2:E3:19:FE:95:71:75:A1:14
ValidityMon, 24 Jun 2024 06:35:05 GMT - Mon, 16 Sep 2024 06:35:04 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
104 kB (103630 bytes)
Hash
7ac66984f3e95690abe4829dda886535
7b6823b6e4b02af860f2009540312e22cc38c92f
b0dd4b9521cdb82a2caef48bdb418fc3bb85fd9c403b755e2b32f08183c210b5

HTTP Headers

GET /gtag/js?id=G-R2M2MKDVGT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 23 Jul 2024 10:44:33 GMT
expires: Tue, 23 Jul 2024 10:44:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103630
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

45.148.121.53/~frivarch//public/storage/fversions/September2023/WLm0GWIeVaNAd6MRx5VK.jpg

45.148.121.53

200 OK

57 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/WLm0GWIeVaNAd6MRx5VK.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 281x672, components 3
Size
57 kB (56955 bytes)
Hash
2a379a6a6dfdbfb468e6b83c4a42c6be
7ae509f5f821a2efb5c3eb210348d378d2dc6686
6da9f7e09bea1fc4287cf05b7acf7ef40b219d9eeb72da490325926eed821e5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/WLm0GWIeVaNAd6MRx5VK.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 12:04:32 GMT
accept-ranges: bytes
content-length: 56955
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/bUOuoc9XWlfgavhgjXes.jpg

45.148.121.53

200 OK

36 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/bUOuoc9XWlfgavhgjXes.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 707x1448, components 3
Size
36 kB (35501 bytes)
Hash
d5d64188c065f4b49e3ead5a1c91f360
a716cd2f22a1553b7d8569a0dacaa165f0805571
db37366a37447ec25dee5bd60e849ddb389a03ab8c5951506cfd1b2c398de7da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/bUOuoc9XWlfgavhgjXes.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:23:38 GMT
accept-ranges: bytes
content-length: 35501
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/evhtN7AIuZyCUU2otQuR.jpg

45.148.121.53

200 OK

184 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/evhtN7AIuZyCUU2otQuR.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 881x902, components 3
Size
184 kB (184399 bytes)
Hash
ce95c26695582cb371bdaffa489e570b
7893ab0ed1bdf47497d5cd0b10a7241e6b85aef1
d64bf629251ce086d7f1d03dfa41686f9620b24b60294e631fcd5a44e3217cde

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/evhtN7AIuZyCUU2otQuR.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Wed, 06 Sep 2023 12:49:40 GMT
accept-ranges: bytes
content-length: 184399
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/MrO7DDe4ZhF2epUQEeao.jpg

45.148.121.53

200 OK

154 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/MrO7DDe4ZhF2epUQEeao.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 599x961, components 3
Size
154 kB (154444 bytes)
Hash
3e06c127551bf728d4868f4cbe27fe5c
01968748350a1d36e1707add89a85b0fc6a3ceb5
06167b5e06da9a6ef67ae60d9ac53b2840608fe1425ae09488273b814fb89e0b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/MrO7DDe4ZhF2epUQEeao.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:27:28 GMT
accept-ranges: bytes
content-length: 154444
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/DSBjMha0xuKo5xmEmuH1.jpg

45.148.121.53

200 OK

90 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/DSBjMha0xuKo5xmEmuH1.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 453x670, components 3
Size
90 kB (90454 bytes)
Hash
730a553c58f35f7a3c8ba32494e1fec8
e3da6f7c2072bf750d8993a4a4644fb6f6fa8f66
f60852ec2ca4c9f99031f6c4b6df82edeaf4092c4ed8f76ee1add7bab1f99835

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/DSBjMha0xuKo5xmEmuH1.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:24:28 GMT
accept-ranges: bytes
content-length: 90454
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/31u8PPYJB3NtJVp1gFUG.jpg

45.148.121.53

200 OK

158 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/31u8PPYJB3NtJVp1gFUG.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 668x897, components 3
Size
158 kB (157485 bytes)
Hash
69a9198d49c40e1d618cdb961a28e244
0c0142b11a52efa50a40304499366417dfd8f45e
377228e0e6ce711cdb69a616d060204404c2b439a4583d42329814ce086818d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/31u8PPYJB3NtJVp1gFUG.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:32:42 GMT
accept-ranges: bytes
content-length: 157485
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/qrk1yD1SVENuiGwjqWmU.jpg

45.148.121.53

200 OK

46 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/qrk1yD1SVENuiGwjqWmU.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 707x1449, components 3
Size
46 kB (45475 bytes)
Hash
cafd108c1ffc9b918f7878163338f2c7
985e9eecc8c72a117ecfd29c5609af655aec4dee
5f7dfdaa5ebb3e8481bca4d53f6223501a2c588a06f5fb75fcb0ff90e13f92df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/qrk1yD1SVENuiGwjqWmU.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Wed, 06 Sep 2023 15:48:44 GMT
accept-ranges: bytes
content-length: 45475
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/m90EFsuLGUJtacrfQITe.jpg

45.148.121.53

200 OK

85 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/m90EFsuLGUJtacrfQITe.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 340x673, components 3
Size
85 kB (85309 bytes)
Hash
fd7c3cf6bc03d816e86a374f39cbff39
b3caf6ababd6e9bb4bb31858dfba3ecec267d0c5
534edb3c0573b390feaf33602c9c3f18d037daf53a2e63c485a3d2d107151766

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/m90EFsuLGUJtacrfQITe.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 09:19:42 GMT
accept-ranges: bytes
content-length: 85309
date: Tue, 23 Jul 2024 10:44:32 GMT

45.148.121.53/~frivarch//public/storage/fversions/September2023/TP4ClFtToUrOHEzqPiqC.jpg

45.148.121.53

200 OK

97 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch//public/storage/fversions/September2023/TP4ClFtToUrOHEzqPiqC.jpg
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 75", baseline, precision 8, 504x667, components 3
Size
97 kB (96695 bytes)
Hash
1cd41f535847130490f5a903b8896395
74577e677eff39566e818ebc8de684e144f0a9f1
929da95f431dd9ecc46da73dfc9e85a5d8a0f2ea4c4493d03614ee702632a269

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch//public/storage/fversions/September2023/TP4ClFtToUrOHEzqPiqC.jpg HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:32 GMT
content-type: image/jpeg
last-modified: Tue, 05 Sep 2023 13:25:50 GMT
accept-ranges: bytes
content-length: 96695
date: Tue, 23 Jul 2024 10:44:32 GMT

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e8a7467beda442c6a1de9d9ccc7f5985
86d738ef6b12afa41c23e4f6b8d40ed1fdbd5c9e
4a9d8b8aeca0b5c291f41707324f54287bcaeb950d6ea242e55ced12181f31eb

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 10:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

45.148.121.53/~frivarch/public/images/logo-3.png

45.148.121.53

200 OK

12 kB

URL GET HTTP/1.1
45.148.121.53/~frivarch/public/images/logo-3.png
IP
45.148.121.53:80
ASN
#64425 SKB Enterprise B.V.

Requested by
http://45.148.121.53/~frivarch/

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (11689 bytes)
Hash
79c08da5d7eda8f88b964757b3c3dfcc
f5fa20e4fadc29c0417571a2e9dd48ad51cc5963
f08c0e3c493d7a0a946a74fd1b5868273eab3d3dd6651a3d4e4a981eb595eda3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /~frivarch/public/images/logo-3.png HTTP/1.1
Host: 45.148.121.53
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://45.148.121.53/~frivarch/
Cookie: XSRF-TOKEN=eyJpdiI6Ill2bEtyczZqdFp4dG9JWFYweUNGMnc9PSIsInZhbHVlIjoiMkFZMkVrejRNa1A0SVZzUEhRUlcrZUt6c1VtMmVRNWNhdzhSNjRSZ09JUjljaVZiV1hjK0pQOW82eXl0STlNZk80NER5NDFpR1RJVTkyU0JHdlVUWWxmRVJMZENFVGIxNWtSR3I3NTcwQXFGM3paWWZTRmVPSGxJL2p6L0VxVXMiLCJtYWMiOiJmMGI2MTM2MTU0OTBlZWMxZGRlMzI5NDBhNWFmOGNmNTg4MTMwZTI3NjAxZTg5NjlkZTYzM2M5ZDM5NjM2MzZiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik1yaFkvNjdrN01zb0xZUDd6cHliZlE9PSIsInZhbHVlIjoibTJmTGFIbzdvUHlGTFJOOXUxYVBEbmREbjhxRVlibHJmYzQxTnltV25ZbXVpSEQrLy95R1FXVTQrd2UybEpvMWZDUmhLQVR4TEhQRHJ4KzB1VUZ5ZkxIVFVMQ0lUd0NzbDhkZGYrcVBnMlU1MkRoNksvSkVRME41T1AwYWxycU8iLCJtYWMiOiJmMzdlNDRmNDk4MDViYjBmZGZmMDhlZjA1MWRkNDIyZmUzNmUyMTAwNjU1NzA1MTIzOThmYWQ1N2U3ODI0OGNlIiwidGFnIjoiIn0%3D
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: max-age=2419200, public
expires: Tue, 30 Jul 2024 10:44:33 GMT
content-type: image/png
last-modified: Wed, 06 Sep 2023 15:35:48 GMT
accept-ranges: bytes
content-length: 11689
date: Tue, 23 Jul 2024 10:44:33 GMT

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d8bffaf6d7857f1c9c3b75e1afb30b42
a1920f8c333d287cb4fdcbe1f722215a1cfe8336
4d1060d010ff80f1edaf73687fabd50490d4dfd0d9843b94e67a5842dd7e6f96

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 10:44:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.130

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.130:443
ASN
#15169 GOOGLE

Requested by
http://45.148.121.53/~frivarch/
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint7E:BA:46:1C:71:E3:0E:A7:F4:CD:F7:B7:BA:51:08:89:F7:41:6F:72
ValidityMon, 24 Jun 2024 06:35:05 GMT - Mon, 16 Sep 2024 06:35:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://45.148.121.53/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 23 Jul 2024 10:44:33 GMT
expires: Tue, 23 Jul 2024 10:44:33 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 13432160273510021901
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 53391
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d8bffaf6d7857f1c9c3b75e1afb30b42
a1920f8c333d287cb4fdcbe1f722215a1cfe8336
4d1060d010ff80f1edaf73687fabd50490d4dfd0d9843b94e67a5842dd7e6f96

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 23 Jul 2024 10:44:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6f2910e1ef1f25adc2a608cb3e59166e
da9b723e09fa30a2caee59b3a2d7c31e670f1954
cd7fdfa1d737721a9e30ca08b7d4ee9f0dae31a9a4aab7f1b3c32efa752ccc63

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "CD7FDFA1D737721A9E30CA08B7D4EE9F0DAE31A9A4AAB7F1B3C32EFA752CCC63"
Last-Modified: Tue, 23 Jul 2024 08:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15749
Expires: Tue, 23 Jul 2024 15:07:04 GMT
Date: Tue, 23 Jul 2024 10:44:35 GMT
Connection: keep-alive

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (37)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN