Report - utweb.rainberrytv.com/gui/share.html

Report Overview

Visitedpublic

2025-07-19 19:06:54

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
utweb.rainberrytv.com	unknown	2022-04-22	2022-12-07	2025-07-13	1.1 kB	28 kB	3.167.2.10
127.0.0.1	unknown	unknown	No data	No data	420 B	0 B	0.0.0.0
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-07-16	1.1 kB	60 kB	142.250.178.99
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-07-16	475 B	4.6 kB	142.250.178.106
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-07-16	442 B	371 kB	142.250.178.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-19	medium	127.0.0.1	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	utweb.rainberrytv.com/gui/share.html	ScriptElement	857 B	2025-06-15	2025-07-19
URL utweb.rainberrytv.com/gui/share.html IP / ASN 3.167.2.10 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2025-06-15 Last Seen 2025-07-19 Times Seen 2 Size 857 B (857 bytes) MD5 4537aaafda40f1dc19c0c59635536a38 SHA1 0e501e367939e5d7dd7e71c0ffe79bf0ca39f50e SHA256 b2da40c27b24c9e535bdc648a2ecf7d22b607c2c67b4d44ba73f58e1fd9293b1 Format Code Loading...

	utweb.rainberrytv.com/gui/sandbox%20eval%20code		147 B	2023-04-11	2025-08-02
URL utweb.rainberrytv.com/gui/sandbox%20eval%20code IP / ASN 0.0.0.0 #0 Introduced by Embedded false Resource Info First Seen 2023-04-11 Last Seen 2025-08-02 Times Seen 419698 Size 147 B (147 bytes) MD5 92b651082ce234f66bb544e678befda3 SHA1 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 SHA256 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Format Code Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-08-02
URL www.google-analytics.com/analytics.js IP / ASN 0.0.0.0 #0 Introduced by ScriptElement Embedded false Resource Info First Seen 2023-04-11 Last Seen 2025-08-02 Times Seen 418959 Size 4.7 kB (4691 bytes) MD5 f24128d0c9cba7be2916c693427a3483 SHA1 1b6397d496ea896ebc2018b01b995cee4f166029 SHA256 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Format Code Loading...

	utweb.rainberrytv.com/gui/share.html	ScriptElement	8.4 kB	2024-08-21	2025-07-19
URL utweb.rainberrytv.com/gui/share.html IP / ASN 3.167.2.10 #0 Introduced by ScriptElement Embedded true Resource Info First Seen 2024-08-21 Last Seen 2025-07-19 Times Seen 4 Size 8.4 kB (8433 bytes) MD5 42c116b06954e11baddd8c4648749222 SHA1 a32a8e1b931f628a85b4eb9de02d30b9e57d4db4 SHA256 d3df67dfd69f3074ee7d13392e22e02495e8f77765b7a7057fda0acbf22fca98 Format Code Loading...

	www.googletagmanager.com/gtag/js?id=G-Z28525QR15	ScriptElement	370 kB	2025-07-19	2025-07-19
URL www.googletagmanager.com/gtag/js?id=G-Z28525QR15 IP / ASN 142.250.178.72 #15169 GOOGLE Introduced by ScriptElement Embedded false Resource Info First Seen 2025-07-19 Last Seen 2025-07-19 Times Seen 1 Size 370 kB (370349 bytes) MD5 f0d601aeeb84e7f7706861acceee700b SHA1 219e61acb55d70eee17840a301c1a2278f4426e5 SHA256 85752352f76f2f5bfafe122346070b78a231bc939249e46c302d3c5e6ad3e13d Format Code Loading...

HTTP Transactions (7)

URL IP Response Size

GET utweb.rainberrytv.com/gui/share.html

3.167.2.10

200 OK

22 kB

URL

utweb.rainberrytv.com/gui/share.html

IP / ASN

3.167.2.10

Requested byN/A

Resource Info

File typeHTML document, Unicode text, UTF-8 text, with very long lines (9960)

First Seen2025-06-15

Last Seen2025-07-19

Times Seen2

Size22 kB (22290 bytes)

MD5d9e8ae6eaaca9abd05377dc56f6230c3

SHA19aeb230212b8eedeca418df38c375b4d9c763d50

SHA2568cd1dcfff1db840663b5cc729b854bedcc4200451e9a9f69c083ebd5b6717e95

Certificate Info

IssuerAmazon

Subject*.rainberrytv.com

Fingerprint04:16:73:27:85:D8:5B:84:A4:86:F9:9E:0F:5F:43:CE:1E:3E:E8:9C

ValiditySat, 12 Apr 2025 00:00:00 GMT - Tue, 12 May 2026 23:59:59 GMT

HTTP Headers

GET /gui/share.html HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
date: Sat, 19 Jul 2025 06:57:30 GMT
last-modified: Mon, 19 May 2025 08:49:39 GMT
server: AmazonS3
content-encoding: gzip
etag: W/"3776a3a47caf4072fc24bc7fb0b8c4fd"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 94fbdabfcc07b91a0e8ffbb741347df8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: FLVO1tHs4Zbph2QolSUSPNa66pI10PqJGNC-77l-K5rrkYcOBNOUFw==
age: 43742
X-Firefox-Spdy: h2

GET 127.0.0.1:19575/gui/?action=ping

0.0.0.0

0 B

URL

127.0.0.1:19575/gui/?action=ping

IP / ASN

0.0.0.0

Requested byhttps://utweb.rainberrytv.com/gui/share.html

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5605980

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gui/?action=ping HTTP/1.1
Host: 127.0.0.1:19575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://utweb.rainberrytv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET fonts.gstatic.com/s/librefranklin/v19/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

142.250.178.99

200 OK

29 kB

URL

fonts.gstatic.com/s/librefranklin/v19/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://utweb.rainberrytv.com/gui/share.html

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 29336, version 1.0

First Seen2024-10-02

Last Seen2025-08-01

Times Seen775

Size29 kB (29336 bytes)

MD5e762e44cb164b541165601daed140a13

SHA1510cfd47e5fa014beae4ad527cfa1b6d31141789

SHA256c4d5d8c2ab89b2f588e061a7d40627b75dbdb7d3288683fd44bdd4e894ca359b

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA

ValidityMon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT

HTTP Headers

GET /s/librefranklin/v19/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://utweb.rainberrytv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Jul 2025 17:16:48 GMT
expires: Fri, 17 Jul 2026 17:16:48 GMT
cache-control: public, max-age=31536000
age: 179384
last-modified: Wed, 28 May 2025 16:58:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Libre+Franklin:200,500&display=swap

142.250.178.106

200 OK

3.9 kB

URL

fonts.googleapis.com/css?family=Libre+Franklin:200,500&display=swap

IP / ASN

142.250.178.106

#15169 GOOGLE

Requested byhttps://utweb.rainberrytv.com/gui/share.html

Resource Info

File typeASCII text

First Seen2025-06-01

Last Seen2025-07-27

Times Seen13

Size3.9 kB (3902 bytes)

MD55f67a75ba2201f51d50224eb469fb417

SHA16a5273f6f80c0c94819da246981359a8064439a7

SHA256596e65449202476b6036d69cc945c0832f9ab968315f3f8ab9a21cd1ef137ce9

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

FingerprintDC:40:BF:B1:59:C9:CC:B5:4A:38:2D:D0:16:8D:06:A5:1D:B4:08:8B

ValidityMon, 23 Jun 2025 08:41:28 GMT - Mon, 15 Sep 2025 08:41:27 GMT

HTTP Headers

GET /css?family=Libre+Franklin:200,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utweb.rainberrytv.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Jul 2025 19:06:32 GMT
date: Sat, 19 Jul 2025 19:06:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-Z28525QR15

142.250.178.72

200 OK

370 kB

URL

www.googletagmanager.com/gtag/js?id=G-Z28525QR15

IP / ASN

142.250.178.72

#15169 GOOGLE

Requested byhttps://utweb.rainberrytv.com/gui/share.html

Resource Info

File typeJavaScript source, ASCII text, with very long lines (6004)

First Seen2025-07-19

Last Seen2025-07-19

Times Seen1

Size370 kB (370349 bytes)

MD5f0d601aeeb84e7f7706861acceee700b

SHA1219e61acb55d70eee17840a301c1a2278f4426e5

SHA25685752352f76f2f5bfafe122346070b78a231bc939249e46c302d3c5e6ad3e13d

Certificate Info

IssuerGoogle Trust Services

Subject*.google-analytics.com

Fingerprint3A:12:37:38:16:E5:9F:51:4E:B7:1D:5F:1F:C0:84:BB:92:EA:9E:20

ValidityMon, 23 Jun 2025 08:40:16 GMT - Mon, 15 Sep 2025 08:40:15 GMT

HTTP Headers

GET /gtag/js?id=G-Z28525QR15 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utweb.rainberrytv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Jul 2025 19:06:32 GMT
expires: Sat, 19 Jul 2025 19:06:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 127205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/librefranklin/v19/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

142.250.178.99

200 OK

29 kB

URL

fonts.gstatic.com/s/librefranklin/v19/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

IP / ASN

142.250.178.99

#15169 GOOGLE

Requested byhttps://utweb.rainberrytv.com/gui/share.html

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 29336, version 1.0

First Seen2024-10-02

Last Seen2025-08-01

Times Seen775

Size29 kB (29336 bytes)

MD5e762e44cb164b541165601daed140a13

SHA1510cfd47e5fa014beae4ad527cfa1b6d31141789

SHA256c4d5d8c2ab89b2f588e061a7d40627b75dbdb7d3288683fd44bdd4e894ca359b

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA

ValidityMon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT

HTTP Headers

GET /s/librefranklin/v19/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://utweb.rainberrytv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29336
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Jul 2025 17:16:48 GMT
expires: Fri, 17 Jul 2026 17:16:48 GMT
cache-control: public, max-age=31536000
age: 179384
last-modified: Wed, 28 May 2025 16:58:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET utweb.rainberrytv.com/gui/static/imgs/ut-favicon.ico

3.167.2.10

200 OK

4.3 kB

URL

utweb.rainberrytv.com/gui/static/imgs/ut-favicon.ico

IP / ASN

3.167.2.10

Requested byhttps://utweb.rainberrytv.com/gui/share.html

Resource Info

File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel

First Seen2023-05-07

Last Seen2025-07-27

Times Seen121

Size4.3 kB (4286 bytes)

MD54945a47bd094566a117942d85acedc9f

SHA16105f806156b5c1ce48b8137a16d6d1001e11299

SHA256f5d02ba6c0fb8255ca702a5d88556186b481437d7ab32180235d97fbce46da5a

Certificate Info

IssuerAmazon

Subject*.rainberrytv.com

Fingerprint04:16:73:27:85:D8:5B:84:A4:86:F9:9E:0F:5F:43:CE:1E:3E:E8:9C

ValiditySat, 12 Apr 2025 00:00:00 GMT - Tue, 12 May 2026 23:59:59 GMT

HTTP Headers

GET /gui/static/imgs/ut-favicon.ico HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utweb.rainberrytv.com/gui/share.html
Cookie: _ga_Z28525QR15=GS2.1.s1752951992$o1$g0$t1752951992$j60$l0$h0; _ga=GA1.1.281531376.1752951993
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 19 May 2025 08:49:46 GMT
server: AmazonS3
date: Sat, 19 Jul 2025 00:20:55 GMT
etag: "4945a47bd094566a117942d85acedc9f"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 94fbdabfcc07b91a0e8ffbb741347df8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: rLuTWNTtfkLR7xz6sg_Suo_PH8O4_J_ANleLEuRpt0Op63We1HWqHg==
age: 67538
X-Firefox-Spdy: h2