Report - 34.76.42.135/

Report Overview

Visited public
2023-12-03 12:55:22
Tags
URL
34.76.42.135/
Finishing URL
34.76.42.135/en-us/ag
IP / ASN
34.76.42.135
#15169 GOOGLE
Title
PRIME MATTER

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
34.76.42.135	unknown	unknown	2020-04-23 08:18:13	2023-11-18 07:34:03	3.9 kB	301 kB	34.76.42.135
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-03 06:51:04	889 B	153 kB	142.250.74.72
consent.cookiebot.com	4972	2010-01-21	2014-02-26 15:48:42	2023-12-02 05:26:07	964 B	35 kB	2.22.31.19
consentcdn.cookiebot.com	5676	2010-01-21	2018-05-23 07:13:43	2023-12-02 05:26:07	538 B	1.0 kB	104.110.3.72
static.plaion.com	unknown	2021-04-20	2022-10-26 09:47:01	2023-07-01 13:00:36	4.7 kB	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed
2023-12-03	medium	34.76.42.135	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	consent.cookiebot.com/486d7844-32bc-4eaf-973b-556da6476cde/cc.js?renew=false&referer=34.76.42.135&dnt=true&init=false	ScriptElement	368 B	2023-11-20	2023-12-03
Pretty URL consent.cookiebot.com/486d7844-32bc-4eaf-973b-556da6476cde/cc.js?renew=false&referer=34.76.42.135&dnt=true&init=false IP 2.22.31.19 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2023-12-03 13:55 Times Seen2 Hash aabb136db8e44bbb5431b59977f27e5c 471eeaf10b3b030e36ca782521f8e924c9a7bf50 78d938c7f9ba46251fab2c115cb1bca043f0cb1f8b4aa28a21d09ad35844c4b0 Loading...

	34.76.42.135/410.d48307b8e65f5c3e.js	ScriptElement	86 kB	2023-11-20	2023-12-03
Pretty URL 34.76.42.135/410.d48307b8e65f5c3e.js IP 34.76.42.135 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2023-12-03 13:55 Times Seen2 Hash 21fbc6b76dd51c9de2f6446dadb45997 3f55bd6067651546a513f85eb3acf288ae09c5f7 63a8ff1715e8357065ff403d207e83442874987ceb02591c2b4fe8c4800c268a Loading...

	34.76.42.135/polyfills.ee9d791f009ec2e1.js	ScriptElement	41 kB	2023-11-20	2023-12-03
Pretty URL 34.76.42.135/polyfills.ee9d791f009ec2e1.js IP 34.76.42.135 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2023-12-03 13:55 Times Seen2 Hash d2c84a3b711e1912838aa7a6c2efc79e 77a463d3baf4c42c25d1ed2a335cec4fa3d5260a b814b4d366d6843a16e91fbc0139a68b69d5d43c64531fbaae7f05ebbdf4d9a2 Loading...

	consent.cookiebot.com/uc.js?cbid=486d7844-32bc-4eaf-973b-556da6476cde	ScriptElement	110 kB	2023-11-29	2023-12-12
Pretty URL consent.cookiebot.com/uc.js?cbid=486d7844-32bc-4eaf-973b-556da6476cde IP 2.22.31.19 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-29 16:50 Last Seen2023-12-12 12:51 Times Seen232 Hash aac56c7f29e16e1e97e0130f5e2fa1ab 1b2c81da14aac3caf2ce108ed24a4f73a5255c55 e670474d3ff2eb57099f8590c87e2fef7478ba7971bc2d36c2b156ce3fd22c47 Loading...

	34.76.42.135/runtime.e3a2ca47050d1be6.js	ScriptElement	3.4 kB	2023-11-20	2023-12-03
Pretty URL 34.76.42.135/runtime.e3a2ca47050d1be6.js IP 34.76.42.135 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2023-12-03 13:55 Times Seen2 Hash 48111afff3a7a227cbd7b540de722b30 d28a5da7589150c86e4d7a02a862bd162642dc90 21ac01e3f802934998b67c94872fcfa91c7ea0e1981cb0ef956ed0cf19257c70 Loading...

	www.googletagmanager.com/gtag/js?id=G-8PG10RGQ2B&l=dataLayer&cx=c	ScriptElement	222 kB	2023-12-03	2023-12-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-8PG10RGQ2B&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 13:55 Last Seen2023-12-03 13:55 Times Seen1 Hash fc6355b216d088dc78dc7e5fe2bc4e59 7544d2a0505e1ccd232fcfaf4758fff4255c8787 557960ecb53257f48cbca7055ac6d939f45ea969d742211521e1a8810e28965c Loading...

	unknown	ScriptElement	325 B	2023-03-07	2025-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05 Last Seen2025-05-11 02:05 Times Seen3261 Hash 06b4b89af63d7f851febec5906cfdd0b 90000db80d4b2f885e15ec5053dbc69317a50703 642e0885f97ed6cbf7136e43421d3dd084d02b07dfc62a1cc80f42d6f69e3ca5 Loading...

	34.76.42.135/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL 34.76.42.135/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 10:00 Times Seen341873 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 10:00 Times Seen341071 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	ScriptElement	585 B	2023-04-05	2025-03-02
Pretty URL consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 07:33 Last Seen2025-03-02 03:53 Times Seen11999 Hash 019b8aaa9f25d986d68395a8c6277be0 4d07e0b8c06f0a26b5be2caaf5c03d72b7c3d630 9ba37511ff74e293467e2c283d7045d2d63d999a1e700a41467f6bcf845329a2 Loading...

	34.76.42.135/	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL 34.76.42.135/ IP 34.76.42.135 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 10:04 Times Seen4653161 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	164 B	2023-11-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2024-08-20 18:44 Times Seen2 Hash f4f457cb5b7e72ca537b0ae08f1d06e7 219d18d4ee77ed794737be03b5a36ff4506986ad f186b91175d5594a46ccf23801ba211bebdf401a3779095b6800d2198c3eb5c2 Loading...

	34.76.42.135/688.fd09d495bdd030ba.js	ScriptElement	281 kB	2023-11-20	2023-12-03
Pretty URL 34.76.42.135/688.fd09d495bdd030ba.js IP 34.76.42.135 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2023-12-03 13:55 Times Seen2 Hash 62b5949a272f89409587e003a1b61530 b2e33f6a22deaed07c1e6a3708ae3e38e095ea5b 50622f4fcc818dd00add2f5fe4f1e03c3397dc3febfd71ce8a0f0c1433a02a4e Loading...

	34.76.42.135/main.5bfb5bcadd3b8e4c.js	ScriptElement	673 kB	2023-11-20	2023-12-03
Pretty URL 34.76.42.135/main.5bfb5bcadd3b8e4c.js IP 34.76.42.135 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-20 00:15 Last Seen2023-12-03 13:55 Times Seen2 Hash c3a202ee8253e6d3ab0511054a1c9da1 5a0dc1d49a3e180472f21a9d4d64da0f93eb2e21 d6bdab9fb23c0dec9f07784cedc6494e300b489f4f7adaf7b26d865c8adf7f80 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5LVXSVJ	ScriptElement	203 kB	2023-12-03	2023-12-03
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5LVXSVJ IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 13:55 Last Seen2023-12-03 13:55 Times Seen1 Hash 784eebf41ec82f40357a68be1f22cd4a 7a62589237435a0b5560d618f1c7890300938482 48ff17714e9b5905989415413db0786f6aa853c6e950e5eba06c1346f0e9aed7 Loading...

HTTP Transactions (26)

URL IP Response Size

34.76.42.135/

34.76.42.135

2.4 kB

URL User Request GET
34.76.42.135/
IP
34.76.42.135:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1652)
Size
2.4 kB (2442 bytes)
Hash
7d0d5a080abcd78feb9c40753f006305
15aefc8decd066fb5a403d3f2b64d9a21b0b9e53
1d3f3bcb03cea5e9d962df7129d54a1124666f70705732e4941409add389e79c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"1454-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/runtime.e3a2ca47050d1be6.js

34.76.42.135

200 OK

1.8 kB

URL GET HTTP/1.1
34.76.42.135/runtime.e3a2ca47050d1be6.js
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
ASCII text, with very long lines (3422), with no line terminators
Size
1.8 kB (1754 bytes)
Hash
48111afff3a7a227cbd7b540de722b30
d28a5da7589150c86e4d7a02a862bd162642dc90
21ac01e3f802934998b67c94872fcfa91c7ea0e1981cb0ef956ed0cf19257c70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /runtime.e3a2ca47050d1be6.js HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:04 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"d5e-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/polyfills.ee9d791f009ec2e1.js

34.76.42.135

200 OK

14 kB

URL GET HTTP/1.1
34.76.42.135/polyfills.ee9d791f009ec2e1.js
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
ASCII text, with very long lines (41207), with no line terminators
Size
14 kB (14102 bytes)
Hash
d2c84a3b711e1912838aa7a6c2efc79e
77a463d3baf4c42c25d1ed2a335cec4fa3d5260a
b814b4d366d6843a16e91fbc0139a68b69d5d43c64531fbaae7f05ebbdf4d9a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.ee9d791f009ec2e1.js HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:04 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:36 GMT
ETag: W/"a0f7-185973e88c0"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/assets/structure.json

34.76.42.135

200 OK

1.0 kB

URL GET HTTP/1.1
34.76.42.135/assets/structure.json
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
JSON data\012- , ASCII text
Size
1.0 kB (1027 bytes)
Hash
3ac2491709f4c4f693d9e965e9666053
9ff5702ec076ff6bf124b47f1fd2c28702b94c65
703451d3f351a330cf544984784c18524834b6bbf801a6a5e089521e82c4d4d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/structure.json HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://34.76.42.135/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:36 GMT
ETag: W/"8f0-185973e88c0"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/styles.e3ee509f4a08b8b6.css

34.76.42.135

200 OK

11 kB

URL GET HTTP/1.1
34.76.42.135/styles.e3ee509f4a08b8b6.css
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
11 kB (10573 bytes)
Hash
271d9861254f23658aa04a58be9cfc03
e2c74d372fd1ec83ca557587c4b44b83f28f8a03
d18cb27527fa056071d36246eb42710d6b7bff56b62d99b2d21af0fd590403e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles.e3ee509f4a08b8b6.css HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"13195-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/main.5bfb5bcadd3b8e4c.js

34.76.42.135

200 OK

184 kB

URL GET HTTP/1.1
34.76.42.135/main.5bfb5bcadd3b8e4c.js
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
184 kB (184086 bytes)
Hash
c3a202ee8253e6d3ab0511054a1c9da1
5a0dc1d49a3e180472f21a9d4d64da0f93eb2e21
d6bdab9fb23c0dec9f07784cedc6494e300b489f4f7adaf7b26d865c8adf7f80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /main.5bfb5bcadd3b8e4c.js HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:04 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"a455d-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

www.googletagmanager.com/gtm.js?id=GTM-5LVXSVJ

142.250.74.72

200 OK

72 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5LVXSVJ
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
72 kB (72419 bytes)
Hash
784eebf41ec82f40357a68be1f22cd4a
7a62589237435a0b5560d618f1c7890300938482
48ff17714e9b5905989415413db0786f6aa853c6e950e5eba06c1346f0e9aed7

HTTP Headers

GET /gtm.js?id=GTM-5LVXSVJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 12:55:05 GMT
expires: Sun, 03 Dec 2023 12:55:05 GMT
cache-control: private, max-age=900
last-modified: Sun, 03 Dec 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72419
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.76.42.135/units/SEO

34.76.42.135

200 OK

394 B

URL GET HTTP/1.1
34.76.42.135/units/SEO
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
JSON data\012- , ASCII text, with very long lines (1299), with no line terminators
Size
394 B (394 bytes)
Hash
41bd468cabf034db2d2e947480255689
f4412b75f49ec080fae21bbcf86555ae01233c93
6259fae5662ded4201b2a1db83054a54351c7d4df184e6fd5c4d07ffa0dd3558

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /units/SEO HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
ETag: W/"513-9EErdfSewID64hu8+GVVrgEjPJM"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/units/footer+navigation

34.76.42.135

200 OK

695 B

URL GET HTTP/1.1
34.76.42.135/units/footer+navigation
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (2415), with no line terminators
Size
695 B (695 bytes)
Hash
ad06586b294e150bd2c735737de6d20e
cb7bb8c2f6307b5db844a93089f9fbea6a4c4af5
8de40df55f93ece82c38e42b04b3845c1843ca2099889aee2d4f4a317a4ac9cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /units/footer+navigation HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
ETag: W/"973-y3u4wvYwe124RKkwifn76mpMSvU"
Vary: Accept-Encoding
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=G-8PG10RGQ2B&l=dataLayer&cx=c

142.250.74.72

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-8PG10RGQ2B&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
79 kB (79160 bytes)
Hash
fc6355b216d088dc78dc7e5fe2bc4e59
7544d2a0505e1ccd232fcfaf4758fff4255c8787
557960ecb53257f48cbca7055ac6d939f45ea969d742211521e1a8810e28965c

HTTP Headers

GET /gtag/js?id=G-8PG10RGQ2B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 12:55:05 GMT
expires: Sun, 03 Dec 2023 12:55:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

consent.cookiebot.com/uc.js?cbid=486d7844-32bc-4eaf-973b-556da6476cde

2.22.31.19

200 OK

34 kB

URL GET HTTP/2
consent.cookiebot.com/uc.js?cbid=486d7844-32bc-4eaf-973b-556da6476cde
IP
2.22.31.19:443
ASN
#20940 Akamai International B.V.

Requested by
http://34.76.42.135/
Certificate
IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint56:33:CA:77:EA:BC:73:51:03:77:3B:70:7C:00:AF:45:02:85:85:98
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499)
Size
34 kB (33865 bytes)
Hash
aac56c7f29e16e1e97e0130f5e2fa1ab
1b2c81da14aac3caf2ce108ed24a4f73a5255c55
e670474d3ff2eb57099f8590c87e2fef7478ba7971bc2d36c2b156ce3fd22c47

HTTP Headers

GET /uc.js?cbid=486d7844-32bc-4eaf-973b-556da6476cde HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 14:10:00 GMT
accept-ranges: bytes
etag: "5c27a8bdcd22da1:0"
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 33865
cache-control: public, max-age=125
expires: Sun, 03 Dec 2023 12:57:10 GMT
date: Sun, 03 Dec 2023 12:55:05 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

34.76.42.135/assets/main/favicon.ico

34.76.42.135

200 OK

1.7 kB

URL GET HTTP/1.1
34.76.42.135/assets/main/favicon.ico
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
1.7 kB (1674 bytes)
Hash
005761158f157ef1b29810279f3ffa06
251c0f539aede3edaec77321be0c009b43270826
81bcdd901f47f8d1fd9e5a5237887e389c9d3a7fc1691191dd4733f0fcf849e4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/main/favicon.ico HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"10be-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

consentcdn.cookiebot.com/sdk/bc-v4.min.html

104.110.3.72

200 OK

392 B

URL GET HTTP/2
consentcdn.cookiebot.com/sdk/bc-v4.min.html
IP
104.110.3.72:443
ASN
#16625 AKAMAI-AS

Requested by
http://34.76.42.135/
Certificate
IssuerDigiCert Inc
Subject*.cookiebot.com
Fingerprint88:F1:D8:EB:8E:DD:6F:53:9A:31:C3:FE:59:0E:68:FE:24:2F:84:EB
ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators
Size
392 B (392 bytes)
Hash
3d08665fa4c7bcf9fa2dcbbc7efe1d0f
ba57ecee011a4b99d4bb56707325c8e4d0fb8a2b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

HTTP Headers

GET /sdk/bc-v4.min.html HTTP/1.1
Host: consentcdn.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
x-akamai-transformed: 9 - 0 pmb=mRUM,1
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30266053
expires: Sun, 17 Nov 2024 20:09:18 GMT
date: Sun, 03 Dec 2023 12:55:05 GMT
content-length: 392
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701608105650_388255644_306957278_24_1137_2_7_21";dur=1
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

consent.cookiebot.com/486d7844-32bc-4eaf-973b-556da6476cde/cc.js?renew=false&referer=34.76.42.135&dnt=true&init=false

2.22.31.19

200 OK

354 B

URL GET HTTP/2
consent.cookiebot.com/486d7844-32bc-4eaf-973b-556da6476cde/cc.js?renew=false&referer=34.76.42.135&dnt=true&init=false
IP
2.22.31.19:443
ASN
#20940 Akamai International B.V.

Requested by
http://34.76.42.135/
Certificate
IssuerDigiCert Inc
Subjectconsent.cookiebot.com
Fingerprint56:33:CA:77:EA:BC:73:51:03:77:3B:70:7C:00:AF:45:02:85:85:98
ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (368), with no line terminators
Size
354 B (354 bytes)
Hash
aabb136db8e44bbb5431b59977f27e5c
471eeaf10b3b030e36ca782521f8e924c9a7bf50
78d938c7f9ba46251fab2c115cb1bca043f0cb1f8b4aa28a21d09ad35844c4b0

HTTP Headers

GET /486d7844-32bc-4eaf-973b-556da6476cde/cc.js?renew=false&referer=34.76.42.135&dnt=true&init=false HTTP/1.1
Host: consent.cookiebot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: private, max-age=60
content-type: application/x-javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
access-control-expose-headers: Request-Context
content-length: 354
date: Sun, 03 Dec 2023 12:55:05 GMT
cross-origin-resource-policy: cross-origin
X-Firefox-Spdy: h2

34.76.42.135/688.fd09d495bdd030ba.js

34.76.42.135

200 OK

66 kB

URL GET HTTP/1.1
34.76.42.135/688.fd09d495bdd030ba.js
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (65466 bytes)
Hash
62b5949a272f89409587e003a1b61530
b2e33f6a22deaed07c1e6a3708ae3e38e095ea5b
50622f4fcc818dd00add2f5fe4f1e03c3397dc3febfd71ce8a0f0c1433a02a4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /688.fd09d495bdd030ba.js HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"44a15-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

34.76.42.135/410.d48307b8e65f5c3e.js

34.76.42.135

200 OK

13 kB

URL GET HTTP/1.1
34.76.42.135/410.d48307b8e65f5c3e.js
IP
34.76.42.135:80
ASN
#15169 GOOGLE

Requested by
http://34.76.42.135/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (13250 bytes)
Hash
21fbc6b76dd51c9de2f6446dadb45997
3f55bd6067651546a513f85eb3acf288ae09c5f7
63a8ff1715e8357065ff403d207e83442874987ceb02591c2b4fe8c4800c268a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /410.d48307b8e65f5c3e.js HTTP/1.1
Host: 34.76.42.135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 03 Dec 2023 12:55:05 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-type, Accept, X-Access-Token, X-Key
Access-Control-Allow-Methods: GET,POST
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 09 Jan 2023 15:55:37 GMT
ETag: W/"14e02-185973e8ca8"
Vary: Accept-Encoding
Content-Encoding: gzip

static.plaion.com/fonts/gabriela_v14.css?family=Gabriela&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/gabriela_v14.css?family=Gabriela&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/gabriela_v14.css?family=Gabriela&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/asul_v19.css?family=Asul:wght@700&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/asul_v19.css?family=Asul:wght@700&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/asul_v19.css?family=Asul:wght@700&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/sourcesanspro_v21.css?family=Source+Sans+Pro&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/sourcesanspro_v21.css?family=Source+Sans+Pro&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/sourcesanspro_v21.css?family=Source+Sans+Pro&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/asul_v19.css?family=Asul:wght@700&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/asul_v19.css?family=Asul:wght@700&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/asul_v19.css?family=Asul:wght@700&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/inter_v12.css?family=Inter:wght@100;300;400;500;600;700&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/inter_v12.css?family=Inter:wght@100;300;400;500;600;700&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/inter_v12.css?family=Inter:wght@100;300;400;500;600;700&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/sourcesanspro_v21.css?family=Source+Sans+Pro&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/sourcesanspro_v21.css?family=Source+Sans+Pro&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/sourcesanspro_v21.css?family=Source+Sans+Pro&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/inter_v12.css?family=Inter:wght@100;300;400;500;600;700&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/inter_v12.css?family=Inter:wght@100;300;400;500;600;700&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/inter_v12.css?family=Inter:wght@100;300;400;500;600;700&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/asul_v19.css?family=Asul&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/asul_v19.css?family=Asul&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/asul_v19.css?family=Asul&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/gabriela_v14.css?family=Gabriela&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/gabriela_v14.css?family=Gabriela&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/gabriela_v14.css?family=Gabriela&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

static.plaion.com/fonts/asul_v19.css?family=Asul&display=swap

0.0.0.0

0 B

URL GET
static.plaion.com/fonts/asul_v19.css?family=Asul&display=swap
IP
0.0.0.0:0
ASN
#0

Requested by
http://34.76.42.135/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fonts/asul_v19.css?family=Asul&display=swap HTTP/1.1
Host: static.plaion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://34.76.42.135/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash