Report - s3.athenacdn09.site/cdn/down/60650b3b0e1c09756a763b5c5ff6ab73/Video/720p/720p

Report Overview

Visitedpublic

2024-06-15 20:35:24

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-15 18:20:48	1.6 kB	4.4 kB	23.36.77.32
s3.athenacdn09.site	unknown	unknown	No data	No data	1.0 kB	470 kB	104.26.6.66

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-15	medium	athenacdn09.site	Sinkholed
2024-06-15	medium	athenacdn09.site	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (7)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-15

Last Seen2024-08-19

Times Seen41629

Size504 B (504 bytes)

MD55c35a3180482afadf4e89f4cc249fa7b

SHA18a088c184606fe3e4e0da8cd90b6eb5e6d30fb97

SHA256146fe131cf8436e3de4832a23b351400b4819dbd9b9716302248d3ab447f000c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "146FE131CF8436E3DE4832A23B351400B4819DBD9B9716302248D3AB447F000C"
Last-Modified: Sat, 15 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17002
Expires: Sun, 16 Jun 2024 01:18:19 GMT
Date: Sat, 15 Jun 2024 20:34:57 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-15

Last Seen2024-08-19

Times Seen41892

Size504 B (504 bytes)

MD5ede0b27def700f18bb6d4eb4c1d97352

SHA1c802c366cb2eee6b9339349aa21677fdb1bd5fa5

SHA25618ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10606
Expires: Sat, 15 Jun 2024 23:31:47 GMT
Date: Sat, 15 Jun 2024 20:35:01 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-15

Last Seen2024-08-19

Times Seen41892

Size504 B (504 bytes)

MD5ede0b27def700f18bb6d4eb4c1d97352

SHA1c802c366cb2eee6b9339349aa21677fdb1bd5fa5

SHA25618ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10606
Expires: Sat, 15 Jun 2024 23:31:47 GMT
Date: Sat, 15 Jun 2024 20:35:01 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-15

Last Seen2024-08-19

Times Seen41892

Size504 B (504 bytes)

MD5ede0b27def700f18bb6d4eb4c1d97352

SHA1c802c366cb2eee6b9339349aa21677fdb1bd5fa5

SHA25618ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10606
Expires: Sat, 15 Jun 2024 23:31:47 GMT
Date: Sat, 15 Jun 2024 20:35:01 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-15

Last Seen2024-08-19

Times Seen41892

Size504 B (504 bytes)

MD5ede0b27def700f18bb6d4eb4c1d97352

SHA1c802c366cb2eee6b9339349aa21677fdb1bd5fa5

SHA25618ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10606
Expires: Sat, 15 Jun 2024 23:31:47 GMT
Date: Sat, 15 Jun 2024 20:35:01 GMT
Connection: keep-alive

GET s3.athenacdn09.site/cdn/down/60650b3b0e1c09756a763b5c5ff6ab73/Video/720p/720p_188.html

104.26.6.66

200 OK

468 kB

URL

s3.athenacdn09.site/cdn/down/60650b3b0e1c09756a763b5c5ff6ab73/Video/720p/720p_188.html

IP / ASN

104.26.6.66

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size468 kB (468120 bytes)

MD5a4d26bb37a0c0059690080fa88d52d82

SHA1d5e3f1d37c5d7fbadb0f61a2b624e912d3f7b8fc

SHA2560604f5de57ef5b49df1d244fd9a56e869d3e98e13e8f3fc310aa370c89275354

Certificate Info

IssuerGoogle Trust Services LLC

Subjectathenacdn09.site

Fingerprint07:17:E0:3B:D5:6E:C3:09:74:76:FB:15:CA:DA:1C:DE:7C:77:FA:13

ValidityFri, 10 May 2024 18:40:33 GMT - Thu, 08 Aug 2024 18:40:32 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn/down/60650b3b0e1c09756a763b5c5ff6ab73/Video/720p/720p_188.html HTTP/1.1
Host: s3.athenacdn09.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 15 Jun 2024 20:34:57 GMT
content-type: text/html
last-modified: Fri, 19 Apr 2024 12:09:06 GMT
access-control-allow-origin: https://jeniusplay.com
cache-control: public, max-age=31536000, s-maxage=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hlwyg7S3NpJD6ob9LFPjld13V25BTfk7Dp5HdU5PWX7cvBnz1KFfMbZwdNmnxRtK5BWHk0t7BdRZ2g4W3EK%2FtsVeOo%2FcVxh%2BIGSq9Xg4oPcPHUuHvm6UVwXuE7N7D3BbWUGA4x8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89455808398756a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET s3.athenacdn09.site/favicon.ico

104.26.6.66

404 Not Found

564 B

URL

s3.athenacdn09.site/favicon.ico

IP / ASN

104.26.6.66

#13335 CLOUDFLARENET

Requested byhttps://s3.athenacdn09.site/cdn/down/60650b3b0e1c09756a763b5c5ff6ab73/Video/720p/720p_188.html

Resource Info

File typeHTML document, ASCII text, with very long lines (592), with no line terminators

First Seen2023-04-10

Last Seen2025-04-05

Times Seen239

Size564 B (564 bytes)

MD5fdcc3670b5749c79b9fd2506176af388

SHA11095fe0f01313e6da2c11cf5dbce11702601910a

SHA2563186816c26c71c47fa28220ea83b02b93fa62389d22d3d77e8eeefcc573f2b69

Certificate Info

IssuerGoogle Trust Services LLC

Subjectathenacdn09.site

Fingerprint07:17:E0:3B:D5:6E:C3:09:74:76:FB:15:CA:DA:1C:DE:7C:77:FA:13

ValidityFri, 10 May 2024 18:40:33 GMT - Thu, 08 Aug 2024 18:40:32 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: s3.athenacdn09.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s3.athenacdn09.site/cdn/down/60650b3b0e1c09756a763b5c5ff6ab73/Video/720p/720p_188.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 15 Jun 2024 20:35:03 GMT
content-type: text/html
cache-control: max-age=31536000
cf-cache-status: HIT
age: 96017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmTB2MFWnrhXknVNG16T4PXFpLUiVXHM00CAWsQTO3pl6O52lic%2B3k4sOW46UTPkUBzyS1bkDXPsvdR%2FhFwqli4B1od97%2B8%2Ftf42HJozWkUH6SmtyS0c%2B6KKbQvKVUfQ%2BPGMWUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 89455828fa935695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400