Report - techmediahub.benchurl.com/c/opt?e=1784C90&c=D9933&t=0&l=DAB8D4F5&email=J9uerQEJmxJFYxpvDXtwINWzgsuGuMH3

Report Overview

Visited public
2024-01-29 09:10:55
Tags
URL
techmediahub.benchurl.com/c/opt?e=1784C90&c=D9933&t=0&l=DAB8D4F5&email=J9uerQEJmxJFYxpvDXtwINWzgsuGuMH3
Finishing URL
techmediahub.benchurl.com/c/confirmed?t=0&language=indian
IP / ASN
35.155.10.203
#16509 AMAZON-02
Title
Confirm Your Subscription

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
techmediahub.benchurl.com	unknown	2014-04-11	2023-11-09 20:24:56	2024-01-23 16:42:33	5.1 kB	163 kB	52.89.131.123
use.typekit.com	14731	2006-07-11	2012-05-23 16:28:56	2024-01-28 00:39:38	3.7 kB	123 kB	23.36.76.186
p.typekit.net	620	2010-08-02	2012-05-23 16:28:57	2024-01-28 18:30:37	550 B	371 B	23.36.76.96
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2024-01-28 19:09:07	511 B	6.5 kB	35.244.181.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed
2024-01-28	medium	benchurl.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	techmediahub.benchurl.com/script/jquery-1.7.1.min.js	ScriptElement	147 kB	2023-03-07	2025-02-06
Pretty URL techmediahub.benchurl.com/script/jquery-1.7.1.min.js IP 52.89.131.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-02-06 07:38 Times Seen345 Hash 42cf237d7b8d41da174502d8f4ddfcd2 92fdfa9e11d8ab103bb22047ebab12333631bcd8 7f4f6940064931390ca6686d8a593a3038e1a6f33bb4dc9d3ae612d9b2d799c3 Loading...

	use.typekit.com/oai6wkl.js	ScriptElement	18 kB	2024-01-09	2024-09-20
Pretty URL use.typekit.com/oai6wkl.js IP 23.36.76.186 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-09 17:33 Last Seen2024-09-20 19:50 Times Seen193 Hash af9b1a26ed308ccf301e66e3363be846 17bd2f1cb82a8f27abf012cca0d3b024fc00642e bfa9de7a2adc6e705b248795ea31154be2fbcee433440b7396f779d49c809631 Loading...

	techmediahub.benchurl.com/c/confirmed?t=0&language=indian	ScriptElement	0 B	0001-01-01	2025-05-07
Pretty URL techmediahub.benchurl.com/c/confirmed?t=0&language=indian IP 52.89.131.123 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-07 04:10 Times Seen4622549 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (18)

URL IP Response Size

techmediahub.benchurl.com/c/opt?e=1784C90&c=D9933&t=0&l=DAB8D4F5&email=J9uerQEJmxJFYxpvDXtwINWzgsuGuMH3

52.89.131.123

302 Found

153 B

URL User Request GET HTTP/2
techmediahub.benchurl.com/c/opt?e=1784C90&c=D9933&t=0&l=DAB8D4F5&email=J9uerQEJmxJFYxpvDXtwINWzgsuGuMH3
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
153 B (153 bytes)
Hash
96849ebd6c236ba1d57c4cffa3fc8978
9d35d9f8b0a4fb07d2b1a94b289361a613b1d620
72b0d1165d6fc38f737896dd6b1931f4f7928ff2f42adf4b3fc086571856941c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c/opt?e=1784C90&c=D9933&t=0&l=DAB8D4F5&email=J9uerQEJmxJFYxpvDXtwINWzgsuGuMH3 HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 29 Jan 2024 09:10:31 GMT
content-type: text/html; charset=utf-8
content-length: 153
cache-control: private
location: /c/confirmed?t=0&language=indian
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-xss-protection: 0
X-Firefox-Spdy: h2

techmediahub.benchurl.com/c/confirmed?t=0&language=indian

52.89.131.123

200 OK

1.4 kB

URL User Request GET HTTP/2
techmediahub.benchurl.com/c/confirmed?t=0&language=indian
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (424), with CRLF line terminators
Size
1.4 kB (1420 bytes)
Hash
a41d00e099804448765793865e045c6f
a8730009d251aca95a15ea97456d4e06cb340b70
249bf6cda9732263d5846552b98d9e6744b33ff406ed56e3a3f1f63dcf4543b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c/confirmed?t=0&language=indian HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:31 GMT
content-type: text/html; charset=utf-8
content-length: 1420
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-xss-protection: 0
X-Firefox-Spdy: h2

techmediahub.benchurl.com/css/header.css

52.89.131.123

200 OK

13 kB

URL GET HTTP/2
techmediahub.benchurl.com/css/header.css
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (419), with CRLF line terminators
Size
13 kB (13271 bytes)
Hash
96ff5db6547f62ab1273cba92d9c9eed
eb7442bb2f5f83966156bd288ea4953c4a7d5a4c
e2c4aab64c2c89ea7280cf53346f8fc9e051de8f8acf01e0d75d57217169db11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/header.css HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:31 GMT
content-type: text/css
content-length: 13271
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 18:41:16 GMT
accept-ranges: bytes
etag: "06e3947261cd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

use.typekit.com/oai6wkl.js

23.36.76.186

200 OK

6.7 kB

URL GET HTTP/2
use.typekit.com/oai6wkl.js
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2258)
Size
6.7 kB (6734 bytes)
Hash
f29c028b24d98f2e2539f225bcb0609a
3731733edc509a0209177900bcf1ff17d0ded5f9
4a4b6a474dc2338620523c98c9cb9d35480b24e8a96df7e702edf7d991f5cd8b

HTTP Headers

GET /oai6wkl.js HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6734
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

techmediahub.benchurl.com/script/jquery-1.7.1.min.js

52.89.131.123

200 OK

62 kB

URL GET HTTP/2
techmediahub.benchurl.com/script/jquery-1.7.1.min.js
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (33076), with CRLF line terminators
Size
62 kB (62208 bytes)
Hash
42cf237d7b8d41da174502d8f4ddfcd2
92fdfa9e11d8ab103bb22047ebab12333631bcd8
7f4f6940064931390ca6686d8a593a3038e1a6f33bb4dc9d3ae612d9b2d799c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/jquery-1.7.1.min.js HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:31 GMT
content-type: application/javascript
content-length: 62208
content-encoding: gzip
last-modified: Fri, 28 Sep 2012 12:59:01 GMT
accept-ranges: bytes
etag: "721f298799dcd1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

use.typekit.com/af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19056, version 1.0
Size
19 kB (19056 bytes)
Hash
dddf341025f47901da49cc060730048c
83dc9cee8403778310f2fb5bd0e675192ddddf21
3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d

HTTP Headers

GET /af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://techmediahub.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19056
etag: "518c5f781d51642b3cf2290d365b9b8257de6e1f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

use.typekit.com/af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 18692, version 1.0
Size
19 kB (18692 bytes)
Hash
39f53d4a2d3741ca8ae973750256c214
cc904f0c5a3e1a9530798207091ea974155b4c1c
f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d

HTTP Headers

GET /af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://techmediahub.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18692
etag: "80987524f2c82c2a36d727971941de8401d3f316"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

use.typekit.com/af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19048, version 1.0
Size
19 kB (19048 bytes)
Hash
c58007eb95f4647b0fec64ff9429d800
252e0416e4b297e09b4d9244efa79cd9a3c72d43
1d4797f8814994226060d66485b71446067211dbdf5d1799c437c3ee63258d21

HTTP Headers

GET /af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://techmediahub.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19048
etag: "131c73b236b0a451c55436b26d3b7857d5a10680"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

use.typekit.com/af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3

23.36.76.186

200 OK

20 kB

URL GET HTTP/2
use.typekit.com/af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19524, version 1.0
Size
20 kB (19524 bytes)
Hash
fcb5c1dd5b07e3786979f619d8af41eb
8142eae602abd9abb15f886673773480082cb2ed
12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af

HTTP Headers

GET /af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://techmediahub.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19524
etag: "c85de2b0c8d27e8ecb10964d9c709a0e5397550c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

use.typekit.com/af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3

23.36.76.186

200 OK

18 kB

URL GET HTTP/2
use.typekit.com/af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 18504, version 1.0
Size
18 kB (18504 bytes)
Hash
5cf4886debc81650fb7f6d93f03a503f
06e254aa32bcf2b5aa8bf1cea25568da56cf0495
e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2

HTTP Headers

GET /af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://techmediahub.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18504
etag: "f9e85be3f0c8dcdcbd6f0a8471a46280ab7bf664"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

use.typekit.com/af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19188, version 1.0
Size
19 kB (19188 bytes)
Hash
2052aabaa0038dd2e272016311a0e54b
fddfd48f49a13dee5e2f311d412ce837fdbe6faa
6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d

HTTP Headers

GET /af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://techmediahub.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19188
etag: "8887aa07a5e31ddeba60d1317cef52532c1e4862"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

techmediahub.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2

52.89.131.123

200 OK

26 kB

URL GET HTTP/2
techmediahub.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26116, version 7.0
Size
26 kB (26116 bytes)
Hash
a3f4bf30367a861f8a16f8c3a9029720
fc2b32c0f6c90e3119dd5e68dd86b062dcbc142a
6953e91532c8a4027421f3ec28b38ff4a2d03a7ab9f60a0a686a0eecbc0cf3e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2 HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:32 GMT
content-type: application/font-woff2
content-length: 26116
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

techmediahub.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2

52.89.131.123

200 OK

26 kB

URL GET HTTP/2
techmediahub.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26268, version 7.0
Size
26 kB (26268 bytes)
Hash
19ebcf5625bb72dc4ab22f9190b17a5a
c7fd59a75bafab683587ecd2829662a137e88d93
da4b872cba131f9b516b0f3512a1799358568c7961df90d134ffe6aa10c4b5d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2 HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:32 GMT
content-type: application/font-woff2
content-length: 26268
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

p.typekit.net/p.gif?s=1&k=oai6wkl&ht=tk&h=techmediahub.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1706519434840

23.36.76.96

200 OK

35 B

URL GET HTTP/2
p.typekit.net/p.gif?s=1&k=oai6wkl&ht=tk&h=techmediahub.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1706519434840
IP
23.36.76.96:443
ASN
#20940 Akamai International B.V.

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

HTTP Headers

GET /p.gif?s=1&k=oai6wkl&ht=tk&h=techmediahub.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1706519434840 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 35
last-modified: Sun, 15 Oct 2023 12:43:11 GMT
etag: "652bde5f-23"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Mon, 29 Jan 2024 09:10:32 GMT
X-Firefox-Spdy: h2

techmediahub.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Light.woff2

52.89.131.123

200 OK

26 kB

URL GET HTTP/2
techmediahub.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Light.woff2
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26048, version 7.0
Size
26 kB (26048 bytes)
Hash
cf5f99a932802c3db892dc004bb7e48a
00801d6a023a2cb6bf03dfe0513d8b6721efb682
5b70004d9d7b33848a564f72ba6e3caf9d409594e59e79426733e2d6167c48ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-Light.woff2 HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:32 GMT
content-type: application/font-woff2
content-length: 26048
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

techmediahub.benchurl.com/images/favicon.png

52.89.131.123

200 OK

1.1 kB

URL GET HTTP/2
techmediahub.benchurl.com/images/favicon.png
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
1.1 kB (1077 bytes)
Hash
98afef26b0752d4e1c796cd7e224d300
26e39cc4862b2955012e3912d1749392969f80e0
56339793ef6148fdf17378abccd5ac5b1714e3eb639a272919e3c34272d5da41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:32 GMT
content-type: image/png
content-length: 1077
last-modified: Mon, 04 Feb 2019 16:12:19 GMT
accept-ranges: bytes
etag: "57dda267a4bcd41:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

techmediahub.benchurl.com/images/apple-icon-touch.png

52.89.131.123

200 OK

4.0 kB

URL GET HTTP/2
techmediahub.benchurl.com/images/apple-icon-touch.png
IP
52.89.131.123:443
ASN
#16509 AMAZON-02

Requested by
https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
4.0 kB (3973 bytes)
Hash
8af45137d382b5063c8768af7526cf62
7cbff95a75254816d988a6867eb18b3af8b3f7f5
e51cd97d39afb1437022f77609690597d7c593c8e90517a296f85f6055b44e2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/apple-icon-touch.png HTTP/1.1
Host: techmediahub.benchurl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://techmediahub.benchurl.com/c/confirmed?t=0&language=indian
Cookie: ASP.NET_SessionId=pofb2hapkaaoooy1yjrbav5z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 29 Jan 2024 09:10:32 GMT
content-type: image/png
content-length: 3973
last-modified: Fri, 24 Mar 2017 22:54:46 GMT
accept-ranges: bytes
etag: "497472a2f1a4d21:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

5.8 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max speed, from Unix
Size
5.8 kB (5755 bytes)
Hash
c344a9a0ebcec7abc2e5fd1bc31459d9
e19c399652cbd4a242ea4f6d8d84ab275a92d12e
3a59d21f84cd3b7f3ed3ca00c9c97e508cfd2723840b8e66e2f28acca51c8460

HTTP Headers

GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 29 Jan 2024 09:10:49 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-02-29-06-55-23.chain; p384ecdsa=Q7AK-R3nds3idhm0x4VxUgMgberOGQoAC2oQk2EeebmMRYT5hZaZ-jIbk-eHwfNCeH61_LT-hb_zKWq57FJG-0VWhfpPvObheKiXzog8WdvUTD4ZvxxdqMvn5qJke9HZ
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash