Report - immediatefusion-engine.com/it/

Report Overview

Visited public
2025-07-03 17:47:17
Tags
Submit Tags
URL
immediatefusion-engine.com/it/
Finishing URL
immediatefusion-engine.com/it/
IP / ASN
185.62.58.189
#62370 Snel.com B.V.
Title
Immediate Fusion ™ - Sito Web ufficiale dell'app 2025 [AGGIORNATO]

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-07-02	527 B	29 kB	142.250.74.10
d3e54v103j8qbb.cloudfront.net	unknown	2008-04-25	2016-03-11	2025-07-03	533 B	90 kB	54.230.245.53
immediatefusion-engine.com	unknown	2025-05-26	2025-07-03	2025-07-03	8.2 kB	346 kB	185.62.58.189
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-07-02	5.1 kB	282 kB	142.250.74.35
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-07-02	1.0 kB	36 kB	104.17.25.14
api.immediatefusion-engine.com	unknown	2025-05-26	2025-07-03	2025-07-03	1.4 kB	66 kB	172.67.221.12
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-07-02	454 B	14 kB	142.250.178.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-03	medium	immediatefusion-engine.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	immediatefusion-engine.com/it/	ScriptElement	181 B	2023-03-07	2025-07-21
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-07-21 05:38 Times Seen21182 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	immediatefusion-engine.com/assets/languageSwitcher.js	ScriptElement	1.1 kB	2023-07-24	2025-07-19
Pretty URL immediatefusion-engine.com/assets/languageSwitcher.js IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-24 11:10 Last Seen2025-07-19 02:26 Times Seen227 Hash 6dd666393aca76e7608e5ea0886102ae dc2f00219490ff31cbcbf1148e1a8e936aaf0531 65baaf73001c13bbb1ae1934c4267e35f27855d25a0f2d2ac3dd20f0df6d66ba Loading...

	immediatefusion-engine.com/js/the-bitcoin-traders-app-new.js	ScriptElement	52 kB	2025-03-15	2025-07-03
Pretty URL immediatefusion-engine.com/js/the-bitcoin-traders-app-new.js IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-15 22:00 Last Seen2025-07-03 17:47 Times Seen7 Hash d9ce7e3592c23aa1cb97e30cbf181ec0 a0b6db8728bc642a436bdd582e16517ab021d179 e6ee7efda89d3aac8247ba7c199b1e5f78870e4fbaf330bc109e1eefb04155d1 Loading...

	immediatefusion-engine.com/it/	ScriptElement	178 B	2025-07-03	2025-07-03
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-07-03 17:47 Last Seen2025-07-03 17:47 Times Seen1 Hash 61bec22d6b7ce9b085c0ca97ca77ea74 4d6ea47772e2287ca779a009ab3270925c260b4c 5dbd15cdc2b6eb85f097beec6282a1160bfaa1c7d6004584c37f35fd957d8e58 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	ScriptElement	13 kB	2023-03-07	2025-07-21
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 142.250.178.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-07-21 05:31 Times Seen21461 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	api.immediatefusion-engine.com/dist/js/loader.js	ScriptElement	9.8 kB	2024-07-03	2025-07-19
Pretty URL api.immediatefusion-engine.com/dist/js/loader.js IP 172.67.221.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-03 02:39 Last Seen2025-07-19 02:26 Times Seen206 Hash 3a609df0d4643fa4861a3ab6ba295bdc 1a50548665835183a7dcd1b8fe681bee9ff8003f 07355c339c1b5e618d742af78400302fc96ad1e601a08b554c4c3d24472a4fd6 Loading...

	immediatefusion-engine.com/it/	EventHandler	16 B	2023-04-10	2025-07-21
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-07-21 06:15 Times Seen74995 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	immediatefusion-engine.com/it/	ScriptElement	1.8 kB	2024-10-14	2025-07-03
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-14 05:58 Last Seen2025-07-03 17:47 Times Seen8 Hash 92c831e363f66ca8b85b7c4ae6fdcdb0 494c3cc5f953562557e0f9c82f837addf33841ab 2268db52546dafa305a7af33a74f77d843e0838cce56b7b24f067b6885c3145d Loading...

	d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=632c33c83829ee13743e5bc2	ScriptElement	90 kB	2023-03-07	2025-07-21
Pretty URL d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=632c33c83829ee13743e5bc2 IP 54.230.245.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-21 06:19 Times Seen125279 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	immediatefusion-engine.com/it/	ScriptElement	124 B	2025-03-15	2025-07-03
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-15 22:00 Last Seen2025-07-03 17:47 Times Seen7 Hash 1df45b3d32fffd75bed881c56c8753cd 69bf9bf4b20dd6f95749a03f017f502fc4d8d15d 3a4662ab2fc1730bbbccab88c12d89e0df58edd8537d126d6ab7050a3413b5ad Loading...

	immediatefusion-engine.com/it/	ScriptElement	435 B	2023-03-14	2025-07-19
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 10:45 Last Seen2025-07-19 02:26 Times Seen215 Hash 9654491a44ebf24e2758586599482b82 b4becc498cfc06d797a233d36bf2e6645476b53d 873b1577af7c21cc3661dd7524f4f8fa4c7735a5c96c170c988e47c29a85fe24 Loading...

	immediatefusion-engine.com/it/	ScriptElement	1.3 kB	2025-03-15	2025-07-03
Pretty URL immediatefusion-engine.com/it/ IP 185.62.58.189 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-15 22:00 Last Seen2025-07-03 17:47 Times Seen7 Hash 15330479268240ab054b1be8d74fba6e 52306d97121021829d7cdfd7f70e4ea39678d9dc 653f7072ae80e582ce00da062ef1f8d338a91b0ea94bfc286293e36858496ebe Loading...

HTTP Transactions (34)

URL IP Response Size

GET immediatefusion-engine.com/css/components.css

185.62.58.189

200 OK

30 kB

URL GET
immediatefusion-engine.com/css/components.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
ASCII text, with very long lines (30139), with no line terminators
Size
30 kB (30139 bytes)
Hash
3b78d70d092468056b4c049327a8c478
18a0c6c66929faba08012170288c90d2fcbbd192
b77ff7000752c0f9d1ac2a031002a2bd2a32ffad1f1ba7ce8e8c2bcdbca65cbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/components.css HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: text/css
content-length: 30139
last-modified: Thu, 05 Jun 2025 11:11:05 GMT
etag: "68417b49-75bb"
expires: Thu, 10 Jul 2025 17:46:40 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/login-ico_1login-ico.png

185.62.58.189

200 OK

160 B

URL GET
immediatefusion-engine.com/images/login-ico_1login-ico.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
160 B (160 bytes)
Hash
a75b8d44f1d64b55f09bb0d27230de5d
a49a5d0a8cd0f7e100e71baa83da6eb230c47fc8
bc273fb4ca58d238d33fb2850f6b4f85dfff7915a61b99c7f522137fb953eed4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/login-ico_1login-ico.png HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 160
last-modified: Thu, 05 Jun 2025 11:11:06 GMT
etag: "68417b4a-a0"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22796, version 1.0
Size
23 kB (22796 bytes)
Hash
40ee6416c01f7a00cb9e1c3cef551f68
dff6282f80563c09ed0d584f15fdc0fc0078731f
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:06:25 GMT
expires: Fri, 03 Jul 2026 10:06:25 GMT
cache-control: public, max-age=31536000
age: 27616
last-modified: Thu, 29 May 2025 23:30:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/it.svg

104.17.25.14

200 OK

292 B

URL GET
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/it.svg
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
SVG Scalable Vector Graphics image
Size
292 B (292 bytes)
Hash
8d15de04f5f6e8e89cab4e5eb237f607
01b40cef32d2b471ba6596fbac7b6dcdae637c12
2d46fd7fde3f19c3f278fe9028e6fab6fa997fbdda3e18116fb70e57cfc78598

HTTP Headers

GET /ajax/libs/flag-icon-css/3.4.6/flags/4x3/it.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 184
cf-ray: 9598342bde01568a-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-124"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 34626
expires: Tue, 23 Jun 2026 17:46:41 GMT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=al3itdDLuP6TfVurKZhWSMTq4XrBHPzOaOyjbF2bVpxkpJ8PJ15Xxf4X8ymImYPcZFds6DKD6GpGrxlhDKUkfaFlvc5u8WTE6KbZvFx4JhLbPDoyom%2BNexT386AOhDxaAo0cLOti"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET immediatefusion-engine.com/images/favicon.ico?v=1749121860

185.62.58.189

200 OK

1.4 kB

URL GET
immediatefusion-engine.com/images/favicon.ico?v=1749121860
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1392 bytes)
Hash
fa06834e024f013ff6b9c7270626b234
3270bdb9249746cfd9ed4a02ec1228b991a0420a
911d397421f52cc6b4817bb97d8bc6991799c8a50f2c936be172948869bfbbba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.ico?v=1749121860 HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/x-icon
last-modified: Tue, 27 May 2025 13:28:08 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fjSOL7K%2FdM8MuwRCvOWIG6jUOfpDzCiNTcNwEjwxJ%2BrbIpkGujj1ZdAPSckfkESN6SU27X%2B8ZbyjnYHRH46hEdPl7ifWxegh0i4mXO9KjmdFfiU%3D"}]}
age: 1578
cache-control: max-age=14400
cf-cache-status: HIT
etag: W/"6835bde8-570"
content-encoding: br
cf-ray: 9598342c0f6db89a-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/assets/languageSwitcher.css

185.62.58.189

200 OK

2.6 kB

URL GET
immediatefusion-engine.com/assets/languageSwitcher.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
ASCII text
Size
2.6 kB (2630 bytes)
Hash
34f9a98a85713580849f35db50174b74
f7d7c21843e2df3ec700d6564d092aaa9c9ec298
8ea67b667dec3a3e1f29bed71a5f30c4338465e05f880586f2cb970159996e39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/languageSwitcher.css HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: text/css
content-length: 2630
last-modified: Thu, 05 Jun 2025 11:11:03 GMT
etag: "68417b47-a46"
expires: Thu, 10 Jul 2025 17:46:40 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/trade-ico-1-.png

185.62.58.189

200 OK

252 B

URL GET
immediatefusion-engine.com/images/trade-ico-1-.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
252 B (252 bytes)
Hash
9a14a1dc7ce87e591459c42466addb1d
ac23b80df071e27dc3ea0cad8181a36d5d80f118
1dad20e33d43b2d8abb476fd05b1c42a1b991a79620675cf6f046020c8657a15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/trade-ico-1-.png HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 252
last-modified: Thu, 05 Jun 2025 11:11:07 GMT
etag: "68417b4b-fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/main-bg-1.jpg

185.62.58.189

200 OK

5.9 kB

URL GET
immediatefusion-engine.com/images/main-bg-1.jpg
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1110x1318, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.9 kB (5946 bytes)
Hash
c79f5dcb4dba2dab17610a43aa26ca4c
6466071b9efde00579c64348e390735ae1455c1a
313802727f4679d154d76da208cd24262a11f968e855cf0fe78b7ee88629076d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/main-bg-1.jpg HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 5946
last-modified: Thu, 05 Jun 2025 11:11:06 GMT
etag: "68417b4a-173a"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css

104.17.25.14

200 OK

34 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
ASCII text, with very long lines (33818), with no line terminators
Size
34 kB (33818 bytes)
Hash
79fb36dda0a235254c3e31bf00b57065
89eb6d6adc16de57dda315fb2b5602bfe5728ccf
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c

HTTP Headers

GET /ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: text/css; charset=utf-8
content-length: 1466
cf-ray: 9598342a3d28712a-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-841a"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 93622
expires: Tue, 23 Jun 2026 17:46:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEQw9V2Oe6KLKyl1AD%2FwIkNJXLzHK%2FiMsHma4TTuoLzsUpyMBbaOV5pPE0PAz9nB63%2BKbZcuuZD6wfpgzM69EZdQLO0XUBMZOg0H%2BVjpB6Hmo2gXHszV0CydnDgzM%2FsAZcO8POYQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22796, version 1.0
Size
23 kB (22796 bytes)
Hash
40ee6416c01f7a00cb9e1c3cef551f68
dff6282f80563c09ed0d584f15fdc0fc0078731f
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:06:25 GMT
expires: Fri, 03 Jul 2026 10:06:25 GMT
cache-control: public, max-age=31536000
age: 27616
last-modified: Thu, 29 May 2025 23:30:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:09:08 GMT
expires: Fri, 03 Jul 2026 10:09:08 GMT
cache-control: public, max-age=31536000
age: 27453
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:09:08 GMT
expires: Fri, 03 Jul 2026 10:09:08 GMT
cache-control: public, max-age=31536000
age: 27453
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css

185.62.58.189

200 OK

44 kB

URL GET
immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
ASCII text, with very long lines (43598), with no line terminators
Size
44 kB (43598 bytes)
Hash
7cd456230acd0723d3e21d9eca966278
5ddef82e597cf5baf428f3181f25316356520bca
0cfa105fd6dc509db13a26068dc12b214b03a6c1a1744905a91ff310d17e3053

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/the-bitcoin-traders-app-new.css HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: text/css
content-length: 43598
last-modified: Thu, 05 Jun 2025 11:11:05 GMT
etag: "68417b49-aa4e"
expires: Thu, 10 Jul 2025 17:46:40 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/main-bg-2.png

185.62.58.189

200 OK

56 kB

URL GET
immediatefusion-engine.com/images/main-bg-2.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
56 kB (56030 bytes)
Hash
e04b7b2a207dceff25eedbd3d18287b8
791f07ac265f6cea1ee64a78cfc51687ff1cce40
d601c03abac80f21c5757fa665b3aa9cb97618ca84b53f89d5081b988619add4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/main-bg-2.png HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 56030
last-modified: Thu, 05 Jun 2025 11:11:06 GMT
etag: "68417b4a-dade"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:09:08 GMT
expires: Fri, 03 Jul 2026 10:09:08 GMT
cache-control: public, max-age=31536000
age: 27453
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET api.immediatefusion-engine.com/images/loader.svg?74ab3a4b65d04814e59a43543c8379f0

172.67.221.12

200 OK

1.2 kB

URL GET
api.immediatefusion-engine.com/images/loader.svg?74ab3a4b65d04814e59a43543c8379f0
IP
172.67.221.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectimmediatefusion-engine.com
Fingerprint15:6D:62:83:D7:31:1C:40:67:CC:22:CF:90:D5:48:FA:33:46:9C:38
ValidityTue, 27 May 2025 09:13:16 GMT - Mon, 25 Aug 2025 10:11:51 GMT

File type
SVG Scalable Vector Graphics image
Size
1.2 kB (1236 bytes)
Hash
74ab3a4b65d04814e59a43543c8379f0
8e5a0a73079044e6dca128329d6c95d39bd70266
f319d450c3745ce3b0767b2402f9a26b57ffc4a49753d6726a208b70e6858fa5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/loader.svg?74ab3a4b65d04814e59a43543c8379f0 HTTP/1.1
Host: api.immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://api.immediatefusion-engine.com/dist/css/integration.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/svg+xml
server: cloudflare
last-modified: Thu, 19 Oct 2023 12:39:52 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=F9FUPwNf9uJTC9BWnHH9sXLFQtTfwSsOaWwAI%2FFi4v3fuoWG4Vf%2Fj2yfvz%2F4g3LRoTHL9Cfg%2B%2FqugMPjqMSsZMBZRIskxYV43df0C8UiZdVO4BP%2FKa3AzHt2vSM%3D"}]}
cache-control: public, max-age=432000, must-revalidate
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"4d4-608110d5e1600;636e4f2032640"
content-encoding: br
cf-ray: 95983429fa477127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/it/

185.62.58.189

200 OK

82 kB

URL User Request GET
immediatefusion-engine.com/it/
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (638)
Size
82 kB (82272 bytes)
Hash
59767ee95cd56a297e852eedd6558e3d
01e47e5d13c7348a188f5c1e63dfdd7b944d410b
a823fb5d709a21403f97f69363219980dc080eee341656fb1d09c3246f1839b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /it/ HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: text/html
content-length: 82272
last-modified: Thu, 05 Jun 2025 11:11:03 GMT
etag: "68417b47-14160"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

142.250.178.42

200 OK

13 kB

URL GET
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
JavaScript source, ASCII text, with very long lines (2134)
Size
13 kB (13188 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 15:02:51 GMT
expires: Fri, 03 Jul 2026 15:02:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 9830
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/trade-ico-3.png

185.62.58.189

200 OK

254 B

URL GET
immediatefusion-engine.com/images/trade-ico-3.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
254 B (254 bytes)
Hash
4a0f71edff73f125ad8f8e3ce7b107e7
aea7ffe3bc8ed2564cf62d25990f031680c7e14f
05df54644b330492beb3859c00b28436babfb866d3e0cc2c30c071ab372dce5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/trade-ico-3.png HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 254
last-modified: Thu, 05 Jun 2025 11:11:07 GMT
etag: "68417b4b-fe"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/scam-bg.jpg

185.62.58.189

200 OK

11 kB

URL GET
immediatefusion-engine.com/images/scam-bg.jpg
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1865, Scaling: [none]x[none], YUV color, decoders should clamp
Size
11 kB (10572 bytes)
Hash
6abd815a45b32e51caebee71cab52e61
215ad21772d47836e05b9dd29c929c47b21824b0
6b2402a83b871e572992428ad16faaa95842b00fea37273520feeb4869b4d929

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/scam-bg.jpg HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 10572
last-modified: Thu, 05 Jun 2025 11:11:07 GMT
etag: "68417b4b-294c"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap

142.250.74.10

200 OK

28 kB

URL GET
fonts.googleapis.com/css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
ASCII text, with very long lines (1572)
Size
28 kB (27925 bytes)
Hash
f4750af68367a47f008eb72275951b1d
b1e63e8057fda6c66d2e611eb66dd276b3757eaf
263747406fe01f080646b58ebbb63367d1255a8051c7bb08be373390158e0e04

HTTP Headers

GET /css?family=Roboto:300,regular,500,700,900&subset=cyrillic,greek,latin,vietnamese&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 03 Jul 2025 17:46:41 GMT
date: Thu, 03 Jul 2025 17:46:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET api.immediatefusion-engine.com/dist/js/loader.js

172.67.221.12

200 OK

9.8 kB

URL GET
api.immediatefusion-engine.com/dist/js/loader.js
IP
172.67.221.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectimmediatefusion-engine.com
Fingerprint15:6D:62:83:D7:31:1C:40:67:CC:22:CF:90:D5:48:FA:33:46:9C:38
ValidityTue, 27 May 2025 09:13:16 GMT - Mon, 25 Aug 2025 10:11:51 GMT

File type
JavaScript source, ASCII text, with very long lines (9753)
Size
9.8 kB (9817 bytes)
Hash
3a609df0d4643fa4861a3ab6ba295bdc
1a50548665835183a7dcd1b8fe681bee9ff8003f
07355c339c1b5e618d742af78400302fc96ad1e601a08b554c4c3d24472a4fd6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dist/js/loader.js HTTP/1.1
Host: api.immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: application/javascript
content-length: 3529
server: cloudflare
last-modified: Tue, 25 Jun 2024 08:23:23 GMT
etag: "2659-61bb29c7054c0;636e4f2032640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=432000, must-revalidate
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cWmO76fl6epISh7xvRtoJ7XxZv0%2BVniKu34goNI2vvhW94JB62gJxoJhpKzxc5XxvuBX2dS92D6Y42XAKG%2BHl6c9UbCqIklRMfaQmukguPOeMefd2Mk6T57HXo8%3D"}]}
cf-ray: 959834284fac7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22796, version 1.0
Size
23 kB (22796 bytes)
Hash
40ee6416c01f7a00cb9e1c3cef551f68
dff6282f80563c09ed0d584f15fdc0fc0078731f
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:06:25 GMT
expires: Fri, 03 Jul 2026 10:06:25 GMT
cache-control: public, max-age=31536000
age: 27616
last-modified: Thu, 29 May 2025 23:30:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22796, version 1.0
Size
23 kB (22796 bytes)
Hash
40ee6416c01f7a00cb9e1c3cef551f68
dff6282f80563c09ed0d584f15fdc0fc0078731f
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:06:25 GMT
expires: Fri, 03 Jul 2026 10:06:25 GMT
cache-control: public, max-age=31536000
age: 27616
last-modified: Thu, 29 May 2025 23:30:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2

142.250.74.35

200 OK

40 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Size
40 kB (40128 bytes)
Hash
9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:09:08 GMT
expires: Fri, 03 Jul 2026 10:09:08 GMT
cache-control: public, max-age=31536000
age: 27453
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/css/normalize.css

185.62.58.189

200 OK

1.9 kB

URL GET
immediatefusion-engine.com/css/normalize.css
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
ASCII text, with very long lines (1863), with no line terminators
Size
1.9 kB (1863 bytes)
Hash
335a5b1351b11607e99d488a4fb435ec
676a51c37049628da4ec2431f80472f2ccc02b70
d95ef29b3a8ea5e57fc7385f0b2f798c2843268c45b727d3a87eb5ef85504a4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: text/css
content-length: 1863
last-modified: Thu, 05 Jun 2025 11:11:05 GMT
etag: "68417b49-747"
expires: Thu, 10 Jul 2025 17:46:40 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/poster_index.jpg

185.62.58.189

200 OK

50 kB

URL GET
immediatefusion-engine.com/images/poster_index.jpg
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 884x442, Scaling: [none]x[none], YUV color, decoders should clamp
Size
50 kB (50446 bytes)
Hash
2abb5a240b6942c65b21e8a569243011
53b458bc98dd7d1f66dcfaeaf20d7ef83f20e368
a991d3c29bc73ec594f0407865ad91666270b73329c786ed3e4b5fda5710a07f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/poster_index.jpg HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: image/webp
content-length: 50446
last-modified: Thu, 05 Jun 2025 11:11:06 GMT
etag: "68417b4a-c50e"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=632c33c83829ee13743e5bc2

54.230.245.53

200 OK

90 kB

URL GET
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=632c33c83829ee13743e5bc2
IP
54.230.245.53:443
ASN
#16509 AMAZON-02

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerAmazon
Subject*.cloudfront.net
Fingerprint8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72
ValidityMon, 05 May 2025 00:00:00 GMT - Thu, 23 Apr 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=632c33c83829ee13743e5bc2 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 03 Jul 2025 02:00:03 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: accept-encoding
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
age: 57543
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uYqxyQQTi2fRczBbIyd_TD0K1EjPuz5limuONKTFQRk3i79up97reA==
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/trade-ico-2.png

185.62.58.189

200 OK

358 B

URL GET
immediatefusion-engine.com/images/trade-ico-2.png
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
RIFF (little-endian) data, Web/P image
Size
358 B (358 bytes)
Hash
938d1b705f35487ab347b92e4b6cb31e
f18de5cceed9b12f2f0c63b2dc496ca8af351c82
884c6035ed9bb01008e024041e4311443ccc42e1bb7887bd4e42da94c1e42af0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/trade-ico-2.png HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/css/the-bitcoin-traders-app-new.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: image/webp
content-length: 358
last-modified: Thu, 05 Jun 2025 11:11:07 GMT
etag: "68417b4b-166"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET api.immediatefusion-engine.com/dist/css/integration.css

172.67.221.12

200 OK

52 kB

URL GET
api.immediatefusion-engine.com/dist/css/integration.css
IP
172.67.221.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subjectimmediatefusion-engine.com
Fingerprint15:6D:62:83:D7:31:1C:40:67:CC:22:CF:90:D5:48:FA:33:46:9C:38
ValidityTue, 27 May 2025 09:13:16 GMT - Mon, 25 Aug 2025 10:11:51 GMT

File type
ASCII text, with very long lines (52366), with no line terminators
Size
52 kB (52366 bytes)
Hash
74670b86d313fc9c1cfecc4577320a49
2e6f390b8455dc82ad94c868fd31c9e485d448b6
862218562bab023f4a3b3d4b4ad6f5319d8efce39f59e2eafe99e9b080805102

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dist/css/integration.css HTTP/1.1
Host: api.immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 03 Jul 2025 17:46:41 GMT
content-type: text/css
content-length: 9144
server: cloudflare
last-modified: Wed, 02 Apr 2025 23:20:26 GMT
etag: "cc8e-631d3e5f28280;636e4f2032640-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=432000, must-revalidate
cf-cache-status: MISS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=e%2Bs12Yu503fU0I1hE22S%2F78e0HkpIgCCeqmhRGa9zCfDKjwhySr7q7uU58%2BKkI22afMvia6Bg%2Br%2FIoHOUJ2Tr6oqs1aaC9Jo9o7xrFhOzIB8CMBDoLi4SaVE%2F50%3D"}]}
cf-ray: 959834284fb17127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/images/logo.png?v=1749121860

185.62.58.189

200 OK

1.4 kB

URL GET
immediatefusion-engine.com/images/logo.png?v=1749121860
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1392 bytes)
Hash
fa06834e024f013ff6b9c7270626b234
3270bdb9249746cfd9ed4a02ec1228b991a0420a
911d397421f52cc6b4817bb97d8bc6991799c8a50f2c936be172948869bfbbba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/logo.png?v=1749121860 HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: image/png
content-length: 1392
last-modified: Tue, 27 May 2025 13:28:07 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "6835bde7-570"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
age: 1579
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qvhm2ojAtgLiIr68ylDu9xEh%2BenAPLNYt8oMFGPGm8mlkCyrthejgSXR5XJU65q0rOD0xQToZ6zkZnO4vQ0zG1co4c9FT09df8DTuhXc635l19E%3D"}]}
cf-ray: 95983425a9cb6642-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/js/the-bitcoin-traders-app-new.js

185.62.58.189

200 OK

52 kB

URL GET
immediatefusion-engine.com/js/the-bitcoin-traders-app-new.js
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
JavaScript source, ASCII text, with very long lines (28765)
Size
52 kB (51648 bytes)
Hash
d9ce7e3592c23aa1cb97e30cbf181ec0
a0b6db8728bc642a436bdd582e16517ab021d179
e6ee7efda89d3aac8247ba7c199b1e5f78870e4fbaf330bc109e1eefb04155d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/the-bitcoin-traders-app-new.js HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: application/javascript
content-length: 51648
last-modified: Thu, 05 Jun 2025 11:11:03 GMT
etag: "68417b47-c9c0"
expires: Thu, 10 Jul 2025 17:46:40 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET immediatefusion-engine.com/assets/languageSwitcher.js

185.62.58.189

200 OK

1.1 kB

URL GET
immediatefusion-engine.com/assets/languageSwitcher.js
IP
185.62.58.189:443
ASN
#62370 Snel.com B.V.

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerLet's Encrypt
Subjectimmediatefusion-engine.com
FingerprintFF:D9:85:63:58:30:BA:79:FB:AE:20:B3:8F:B8:61:47:D2:80:40:E4
ValidityTue, 27 May 2025 14:42:11 GMT - Mon, 25 Aug 2025 14:42:10 GMT

File type
JavaScript source, ASCII text
Size
1.1 kB (1109 bytes)
Hash
6dd666393aca76e7608e5ea0886102ae
dc2f00219490ff31cbcbf1148e1a8e936aaf0531
65baaf73001c13bbb1ae1934c4267e35f27855d25a0f2d2ac3dd20f0df6d66ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/languageSwitcher.js HTTP/1.1
Host: immediatefusion-engine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://immediatefusion-engine.com/it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.1
date: Thu, 03 Jul 2025 17:46:40 GMT
content-type: application/javascript
content-length: 1109
last-modified: Thu, 05 Jun 2025 11:11:03 GMT
etag: "68417b47-455"
expires: Thu, 10 Jul 2025 17:46:40 GMT
cache-control: max-age=604800, max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2

142.250.74.35

200 OK

23 kB

URL GET
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://immediatefusion-engine.com/it/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
ValidityMon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22796, version 1.0
Size
23 kB (22796 bytes)
Hash
40ee6416c01f7a00cb9e1c3cef551f68
dff6282f80563c09ed0d584f15fdc0fc0078731f
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb

HTTP Headers

GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://immediatefusion-engine.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 10:06:25 GMT
expires: Fri, 03 Jul 2026 10:06:25 GMT
cache-control: public, max-age=31536000
age: 27616
last-modified: Thu, 29 May 2025 23:30:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML