Report - isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip

Report Overview

Visited public
2024-03-18 04:48:57
Tags
URL
isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Finishing URL
isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
IP / ASN
82.118.242.147
#201133 Verdina Ltd.
Title
pure-onyx-0.100.0-win.zip - IsekaiExpress

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
isekaiexpress.cloud	unknown	2024-02-12	2024-02-12 22:52:17	2024-03-16 22:53:50	18 kB	1.5 MB	82.118.242.147
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-03-18 01:41:39	3.3 kB	266 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-03-18 02:10:19	925 B	14 kB	142.250.74.170
www.freedownloadmanager.org	451204	2004-04-20	2017-02-01 20:49:01	2024-03-13 05:56:09	441 B	2.6 kB	74.117.181.203

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed
2024-03-18	medium	isekaiexpress.cloud	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	isekaiexpress.cloud/themes/spirit/assets/frontend/js/flickity.min.js	ScriptElement	54 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/flickity.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen1160 Hash 8c1e666176ac7bdce67d58b45823ffac 75947e4316427ce0c5e33300aeb4dc4d7d54dd09 c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6 Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/datepicker.js	ScriptElement	21 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/datepicker.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen3234 Hash 8cfe207a6a21c7495cfb751c761217a6 35d686a6c4ecc9946c35444ce93e110cb0e1611c 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc Loading...

	unknown	DomTimer	313 B	2024-02-22	2024-11-06
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-02-22 17:57 Last Seen2024-11-06 20:46 Times Seen18 Hash d49740d43b1d304461d875098f8dee55 d7dc845fa9e79e450405b2f1cf60697b9faaa372 0bad518e32722591c8994e4788a91ba600526846e411a0859ca5d596524e59a9 Loading...

	isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip	ScriptElement	44 B	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen3456 Hash 21d884540875fb4d2b8f280c541d092c 9f2a58bb4ff1897269b2df54e333ce35d4435b91 8f75c65a00382bae7799a76f3517023df9a72035e9b469e95469b028d4bd0d0a Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/cookiealert.js	ScriptElement	1.8 kB	2023-03-07	2025-05-02
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/cookiealert.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:47 Last Seen2025-05-02 05:21 Times Seen2620 Hash 81279e22c8ece9e1d0536a402484daa3 911797507fb12d4f451d5900e32db96ad697c401 5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/typed.min.js	ScriptElement	3.9 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/typed.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen3841 Hash 2f6185a8a32a50b2b3e04849f44359d4 0e5501588c5c0d1c9462f34b0d56c21abff5bfef 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/smooth-scroll.min.js	ScriptElement	6.0 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/smooth-scroll.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen1157 Hash c9e3a210d83398f301b3a7049c259676 8e227bb40fe120841829a7fef0ffeb091d179a91 aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805 Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/countdown.min.js	ScriptElement	5.4 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/countdown.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen1390 Hash 76a923d3d69255c45cd24bf9b100244f eb3c96f9901692f1a03500ea632963a16afdb985 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5 Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/scripts.js	ScriptElement	115 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/scripts.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen891 Hash ce260d2170faf98639ab8e0e3758f1e2 32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c Loading...

	isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip	ScriptElement	936 B	2024-08-20	2024-08-20
Pretty URL isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 07:43 Last Seen2024-08-20 07:43 Times Seen1 Hash 710c5872233d096bfa3d4798b3da91fd 34b72f388b64d8934404294ca6e43e9b4060293f ffb27f3eb15572ed4c7a2462e95e5db1bbf321fb86263eda66d48701ec8249ec Loading...

	isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip	ScriptElement	292 B	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen3771 Hash f6038f840321581380bcf8e68fbec2ed 9c64ca84baabd04b9994597b90882d8ec7158ba2 fc7d223cc022e6a00869dea89642667579b0ca033afb07bb0070c7b7a0fd23c3 Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.dataTables.min.js	ScriptElement	70 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.dataTables.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen1167 Hash 6fda19caa29287e6f584f0557fdeb6d4 40f58160090cd1f022704ee1352b343adb9e73b9 8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.steps.min.js	ScriptElement	14 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.steps.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen1170 Hash 0eef6fe46d14f860d5666d2c7b13a564 7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe 95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843 Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js	ScriptElement	87 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-05-04 00:12 Times Seen1827 Hash 5b5a269bd363e0886c17d855c2aab241 042dd055cd289215835a58507c9531f808e1648a 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e Loading...

	isekaiexpress.cloud/themes/spirit/assets/frontend/js/granim.min.js	ScriptElement	11 kB	2023-03-07	2025-05-04
Pretty URL isekaiexpress.cloud/themes/spirit/assets/frontend/js/granim.min.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-04 00:12 Times Seen1159 Hash 714368d20c70f8c91b0a596e128dac07 563954ec3a896fc129d014f01836245829f6d01d e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3 Loading...

	isekaiexpress.cloud/js/xads.js	ScriptElement	151 B	2023-03-07	2025-03-14
Pretty URL isekaiexpress.cloud/js/xads.js IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-03-14 16:44 Times Seen68 Hash 5c25805fe76fdff482427cd907c43ded 801c9dae9abb98963162a8b530fd87c2cd4e56c4 5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e Loading...

	isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip	ScriptElement	274 B	2023-03-07	2025-03-14
Pretty URL isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip IP 82.118.242.147 ASN #201133 Verdina Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 23:57 Last Seen2025-03-14 16:44 Times Seen68 Hash f0e7a7a5aafe90c350c62b86e6995bd6 3f356d379bac9d94087f0b2cb2e0239f947b5fd7 1b04af7e8576003abf78857db18b1f464a2c2289d23b9f181bb6c549bad1262b Loading...

HTTP Transactions (42)

URL IP Response Size

isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip

82.118.242.147

200 OK

4.7 kB

URL User Request GET HTTP/1.1
isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
HTML document, ASCII text
Size
4.7 kB (4675 bytes)
Hash
958510ba145f773279e6a9c445cdd33a
abc978bc6bff03d6b79083fc8029406bbd668c16
a67e5030865d8f180c3bbd1b01768177bb30be46c3c479305d73bc8182bbb269

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /um/pure-onyx-0.100.0-win.zip HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa; expires=Tue, 19-Mar-2024 04:48:31 GMT; Max-Age=86400; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, no-cache, private
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Encoding: gzip

isekaiexpress.cloud/themes/spirit/assets/frontend/css/bootstrap.min.css

82.118.242.147

200 OK

77 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/bootstrap.min.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with very long lines (65319), with CRLF line terminators
Size
77 kB (76922 bytes)
Hash
9b67b9ffbfcbe226a8c413fa740fd91c
7837bd0c312897e46311aaf472947f3e23d75df2
2642f94894419d1cebdc4a010b9380a7403063dd6d28ea8a80bd5ebd01186732

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 76922
Last-Modified: Mon, 12 Feb 2024 21:16:43 GMT
Connection: keep-alive
ETag: "65ca8abb-12c7a"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/stack-interface.css

82.118.242.147

200 OK

3.2 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/stack-interface.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.2 kB (3160 bytes)
Hash
4541b29b6040bc31b760f98e914fd1d7
0521a4f98cdf5e1fde3eeb9cae64fd39075cd9ba
6910b6609166588208a24355d3c3666140dd0d7fcb3884b31eedb72773e44794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 3160
Last-Modified: Mon, 12 Feb 2024 21:16:46 GMT
Connection: keep-alive
ETag: "65ca8abe-c58"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/socicon.css

82.118.242.147

200 OK

9.8 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/socicon.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with CRLF line terminators
Size
9.8 kB (9838 bytes)
Hash
910a42ce112991b31b30a735f1006a5f
6c8b4769270f1c86bb1c7a6b54325465395ba614
010e6ffb18715ededb10c4ae5a8518475c138fb63b83ec1c125d09b714ccdd8b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 9838
Last-Modified: Mon, 12 Feb 2024 21:16:46 GMT
Connection: keep-alive
ETag: "65ca8abe-266e"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/lightbox.min.css

82.118.242.147

200 OK

3.9 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/lightbox.min.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with CRLF line terminators
Size
3.9 kB (3889 bytes)
Hash
30265c8089a8f3e871d0873ef6a5b944
2804a2fe5a6a956626ce6a46adf6b1a0676ee13d
f9f33dca7f9a5a735a0a03502993e0a092df81d820beb1ed4071e4611a9630ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 3889
Last-Modified: Mon, 12 Feb 2024 21:16:45 GMT
Connection: keep-alive
ETag: "65ca8abd-f31"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/flickity.css

82.118.242.147

200 OK

2.5 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/flickity.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2521 bytes)
Hash
244d315064064270eabbbb7ac9f6c700
21ad53d3efbb40154293190173ee0c497ed7651c
ff5fe542e37297733305fb7e68a41b3269a681d64145945f2131a646044c016a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 2521
Last-Modified: Mon, 12 Feb 2024 21:16:44 GMT
Connection: keep-alive
ETag: "65ca8abc-9d9"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/jquery.steps.css

82.118.242.147

200 OK

6.0 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/jquery.steps.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with CRLF line terminators
Size
6.0 kB (6019 bytes)
Hash
25cfe48e07622a00154b677afcbaeb47
23e3ae1bd04ad1d00d25d30e39815104ceeae52f
709debbdebf13d8d6c85571caee6e44629142518e9336ed1aa01d6e94ab4d056

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 6019
Last-Modified: Mon, 12 Feb 2024 21:16:45 GMT
Connection: keep-alive
ETag: "65ca8abd-1783"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/cookiealert.css

82.118.242.147

200 OK

12 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/cookiealert.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with very long lines (11486), with CRLF line terminators
Size
12 kB (12369 bytes)
Hash
3d2946aeae3cc8f43e2acf82ea029bd4
c25a0bd445ff9e6034d34e8f388f5565515a2783
705d9fc8952ac3bf3d9300e3d9ea6753284cdd920c34be0213ec8bc862df7a28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/cookiealert.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 12369
Last-Modified: Mon, 12 Feb 2024 21:16:43 GMT
Connection: keep-alive
ETag: "65ca8abb-3051"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/custom.css

82.118.242.147

200 OK

8.9 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/custom.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
8.9 kB (8936 bytes)
Hash
65417cde74809cb9b9e66d0ab4adc448
9729ccac013729aed790fdc25d71d858f50a137b
c8dee41785c1f45859a70f3bb9a65b3cba83d866dd46ca0096d07067fec9d280

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 8936
Last-Modified: Mon, 12 Feb 2024 21:16:44 GMT
Connection: keep-alive
ETag: "65ca8abc-22e8"
Accept-Ranges: bytes

isekaiexpress.cloud/cache/themes/spirit/custom_css.css?r=8e254e69764610f34157912380828dd9

82.118.242.147

200 OK

2.9 kB

URL GET HTTP/1.1
isekaiexpress.cloud/cache/themes/spirit/custom_css.css?r=8e254e69764610f34157912380828dd9
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with very long lines (319)
Size
2.9 kB (2892 bytes)
Hash
32165ed1913d2734828bd438e3de425b
a9664134d42c4f4f2b3fdc00cf304fb21aefe237
729d220f71646ad804180fb9c1cf378dd3dbbb8e6b10629556bfc1712c9b1136

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/spirit/custom_css.css?r=8e254e69764610f34157912380828dd9 HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 2892
Last-Modified: Tue, 13 Feb 2024 00:02:29 GMT
Connection: keep-alive
ETag: "65cab195-b4c"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/flickity.min.js

82.118.242.147

200 OK

54 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/flickity.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (32032), with CRLF line terminators
Size
54 kB (53873 bytes)
Hash
8c1e666176ac7bdce67d58b45823ffac
75947e4316427ce0c5e33300aeb4dc4d7d54dd09
c0b706b9b1ca12b631496228a0eb0fe15ccb14f21ab554f6c4b4f20474e4d3a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 53873
Last-Modified: Mon, 12 Feb 2024 21:17:06 GMT
Connection: keep-alive
ETag: "65ca8ad2-d271"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/font-awesome.min.css

82.118.242.147

200 OK

59 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/font-awesome.min.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with very long lines (58929), with CRLF line terminators
Size
59 kB (59119 bytes)
Hash
879812fc22af75aa3ae7b5666ca4f4b8
df27469a952b7ee36cc03db471c6198f577186a8
c5d7f0d9e646698b20734ce6dcc2c0a8ecf6ebe27b4b7625bfcf42c4416fb7ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 59119
Last-Modified: Mon, 12 Feb 2024 21:16:45 GMT
Connection: keep-alive
ETag: "65ca8abd-e6ef"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/iconsmind.css

82.118.242.147

200 OK

103 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/iconsmind.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text, with CRLF line terminators
Size
103 kB (102727 bytes)
Hash
c9b1c618a7b12bd7ecf6034164b29164
f7a4a8bbc3aab1d7bb44659c40a8702f3aa56c99
fc190f724340fc20fd1d175f49c70e70f4acfdd9303ae4f68d9765a2a5958d9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 102727
Last-Modified: Mon, 12 Feb 2024 21:16:45 GMT
Connection: keep-alive
ETag: "65ca8abd-19147"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/typed.min.js

82.118.242.147

200 OK

3.9 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/typed.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (3949), with no line terminators
Size
3.9 kB (3949 bytes)
Hash
2f6185a8a32a50b2b3e04849f44359d4
0e5501588c5c0d1c9462f34b0d56c21abff5bfef
914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 3949
Last-Modified: Mon, 12 Feb 2024 21:17:06 GMT
Connection: keep-alive
ETag: "65ca8ad2-f6d"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/css/theme.css

82.118.242.147

200 OK

206 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/css/theme.css
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
206 kB (206456 bytes)
Hash
e13b70f9d6654b3656aec5b1bd5ae02a
903010ac4b9034f6839847a20ecd0f5a728b2b96
8a10549eed29cff62aa0098311b5c1c37601577a11de64f72095aacb90715c8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: text/css
Content-Length: 206456
Last-Modified: Mon, 12 Feb 2024 21:16:46 GMT
Connection: keep-alive
ETag: "65ca8abe-32678"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js

82.118.242.147

200 OK

87 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Size
87 kB (86713 bytes)
Hash
5b5a269bd363e0886c17d855c2aab241
042dd055cd289215835a58507c9531f808e1648a
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 86713
Last-Modified: Mon, 12 Feb 2024 21:17:08 GMT
Connection: keep-alive
ETag: "65ca8ad4-152b9"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/datepicker.js

82.118.242.147

200 OK

21 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/datepicker.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (12692), with CRLF line terminators
Size
21 kB (20975 bytes)
Hash
8cfe207a6a21c7495cfb751c761217a6
35d686a6c4ecc9946c35444ce93e110cb0e1611c
804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 20975
Last-Modified: Mon, 12 Feb 2024 21:17:04 GMT
Connection: keep-alive
ETag: "65ca8ad0-51ef"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.dataTables.min.js

82.118.242.147

200 OK

70 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.dataTables.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (768), with CRLF line terminators
Size
70 kB (69754 bytes)
Hash
6fda19caa29287e6f584f0557fdeb6d4
40f58160090cd1f022704ee1352b343adb9e73b9
8ef749c3869991924150dc932c48cd57bf69ac25a378bb2e14f8e1733c17406f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 69754
Last-Modified: Mon, 12 Feb 2024 21:17:09 GMT
Connection: keep-alive
ETag: "65ca8ad5-1107a"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/granim.min.js

82.118.242.147

200 OK

11 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/granim.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (10573), with CRLF line terminators
Size
11 kB (10635 bytes)
Hash
714368d20c70f8c91b0a596e128dac07
563954ec3a896fc129d014f01836245829f6d01d
e70b27194b8793b68cccee28a6d8a1e39aae2ce5d28d5e71ac204d7a3ac164e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 10635
Last-Modified: Mon, 12 Feb 2024 21:17:06 GMT
Connection: keep-alive
ETag: "65ca8ad2-298b"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.steps.min.js

82.118.242.147

200 OK

14 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/jquery.steps.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (13686), with CRLF line terminators
Size
14 kB (13862 bytes)
Hash
0eef6fe46d14f860d5666d2c7b13a564
7ab5f7deaca2f71efbc3bf9f5ba27b89d4697dbe
95a14a4473ff130eb29f3cc02e135978505655e3c931b6c3726dedd4f558f843

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 13862
Last-Modified: Mon, 12 Feb 2024 21:17:09 GMT
Connection: keep-alive
ETag: "65ca8ad5-3626"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/countdown.min.js

82.118.242.147

200 OK

5.4 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/countdown.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (4136), with CRLF line terminators
Size
5.4 kB (5360 bytes)
Hash
76a923d3d69255c45cd24bf9b100244f
eb3c96f9901692f1a03500ea632963a16afdb985
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 5360
Last-Modified: Mon, 12 Feb 2024 21:17:03 GMT
Connection: keep-alive
ETag: "65ca8acf-14f0"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/smooth-scroll.min.js

82.118.242.147

200 OK

6.0 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/smooth-scroll.min.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (4887), with CRLF line terminators
Size
6.0 kB (6028 bytes)
Hash
c9e3a210d83398f301b3a7049c259676
8e227bb40fe120841829a7fef0ffeb091d179a91
aeda362b1d693480453b895cbcf8b92629f58240c42ba8c643f0d5d338baf805

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 6028
Last-Modified: Mon, 12 Feb 2024 21:17:05 GMT
Connection: keep-alive
ETag: "65ca8ad1-178c"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/cookiealert.js

82.118.242.147

200 OK

1.8 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/cookiealert.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.8 kB (1836 bytes)
Hash
81279e22c8ece9e1d0536a402484daa3
911797507fb12d4f451d5900e32db96ad697c401
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/cookiealert.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 1836
Last-Modified: Mon, 12 Feb 2024 21:17:03 GMT
Connection: keep-alive
ETag: "65ca8acf-72c"
Accept-Ranges: bytes

isekaiexpress.cloud/js/xads.js

82.118.242.147

200 OK

151 B

URL GET HTTP/1.1
isekaiexpress.cloud/js/xads.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
ASCII text
Size
151 B (151 bytes)
Hash
5c25805fe76fdff482427cd907c43ded
801c9dae9abb98963162a8b530fd87c2cd4e56c4
5cbbde1fe725b4456ec4d6be8567710907ec8bcc337f4e875e1bd021d50be75e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/xads.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, must-revalidate, no-cache, no-store, private
Date: Mon, 18 Mar 2024 04:48:31 GMT

isekaiexpress.cloud/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631

82.118.242.147

200 OK

4.3 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 4292, version 1.0
Size
4.3 kB (4292 bytes)
Hash
ae072782b361d2afdbf43db08d3cfb73
f3db2e65b53d97491672f8631e21d6d05905cc88
31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/octet-stream
Content-Length: 4292
Last-Modified: Mon, 12 Feb 2024 21:16:55 GMT
Connection: keep-alive
ETag: "65ca8ac7-10c4"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/js/scripts.js

82.118.242.147

200 OK

115 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/js/scripts.js
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JavaScript source, ASCII text, with very long lines (914), with CRLF line terminators
Size
115 kB (114862 bytes)
Hash
ce260d2170faf98639ab8e0e3758f1e2
32eeb82a44bf0bce2df78eafae9f2e9ff8d72e1f
ac331833ebf1c06b0f8565caaeb4760c2184bd89d1cb5574c3947a8d0b6dca1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/javascript
Content-Length: 114862
Last-Modified: Mon, 12 Feb 2024 21:17:05 GMT
Connection: keep-alive
ETag: "65ca8ad1-1c0ae"
Accept-Ranges: bytes

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3
ValidityMon, 19 Feb 2024 08:18:37 GMT - Mon, 13 May 2024 08:18:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://isekaiexpress.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Mar 2024 11:03:59 GMT
expires: Fri, 14 Mar 2025 11:03:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 323072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3
ValidityMon, 19 Feb 2024 08:18:37 GMT - Mon, 13 May 2024 08:18:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://isekaiexpress.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Mar 2024 11:03:59 GMT
expires: Fri, 14 Mar 2025 11:03:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 323072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3
ValidityMon, 19 Feb 2024 08:18:37 GMT - Mon, 13 May 2024 08:18:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://isekaiexpress.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Mar 2024 11:03:59 GMT
expires: Fri, 14 Mar 2025 11:03:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 323072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3
ValidityMon, 19 Feb 2024 08:18:37 GMT - Mon, 13 May 2024 08:18:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://isekaiexpress.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Mar 2024 11:03:59 GMT
expires: Fri, 14 Mar 2025 11:03:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 323072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

isekaiexpress.cloud/cache/themes/spirit/logo_inverse.png

82.118.242.147

200 OK

114 kB

URL GET HTTP/1.1
isekaiexpress.cloud/cache/themes/spirit/logo_inverse.png
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
PNG image data, 3061 x 1161, 8-bit/color RGBA, non-interlaced
Size
114 kB (113707 bytes)
Hash
a1854398b8b9164f62064eaf52f90ebd
a0a1fea590ff29a310b64e053cfd08876cffec8a
e5bbb69e7edd0203a48d8358590cdb01f0dd9d5fa47b2062d46bccb704bfe499

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/spirit/logo_inverse.png HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: image/png
Content-Length: 113707
Last-Modified: Tue, 13 Feb 2024 00:02:29 GMT
Connection: keep-alive
ETag: "65cab195-1bc2b"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/img/adblock/primary.jpg

82.118.242.147

200 OK

13 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/img/adblock/primary.jpg
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 601x155, components 3
Size
13 kB (12809 bytes)
Hash
0fc3ab39bcdfd3c8d38de7d89b292ada
a89f51203f0b0db4cd1c7f18388f9a84d008efa4
c661391117b70efa486492ff5439d6239ed6bfcca5cf1319ba4ebe7c37cdc72f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/img/adblock/primary.jpg HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: image/jpeg
Content-Length: 12809
Last-Modified: Mon, 12 Feb 2024 21:31:44 GMT
Connection: keep-alive
ETag: "65ca8e40-3209"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/images/share/idm_banner_h.png

82.118.242.147

200 OK

246 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/images/share/idm_banner_h.png
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
PNG image data, 720 x 215, 8-bit/color RGBA, non-interlaced
Size
246 kB (246113 bytes)
Hash
685052b3807170518ed2371d8306aff9
8867fd3bcd3b22fd63950a6c0e4934587abfdbd3
5d8a979ade47cb436de0c1a4064e7809660fe88c6579e56f580681b6557f8459

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/images/share/idm_banner_h.png HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: image/png
Content-Length: 246113
Last-Modified: Mon, 05 Dec 2022 01:10:05 GMT
Connection: keep-alive
ETag: "638d44ed-3c161"
Accept-Ranges: bytes

isekaiexpress.cloud/cache/themes/spirit/logo.png

82.118.242.147

200 OK

114 kB

URL GET HTTP/1.1
isekaiexpress.cloud/cache/themes/spirit/logo.png
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
PNG image data, 3061 x 1161, 8-bit/color RGBA, non-interlaced
Size
114 kB (113707 bytes)
Hash
a1854398b8b9164f62064eaf52f90ebd
a0a1fea590ff29a310b64e053cfd08876cffec8a
e5bbb69e7edd0203a48d8358590cdb01f0dd9d5fa47b2062d46bccb704bfe499

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/themes/spirit/logo.png HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: image/png
Content-Length: 113707
Last-Modified: Tue, 13 Feb 2024 00:02:29 GMT
Connection: keep-alive
ETag: "65cab195-1bc2b"
Accept-Ranges: bytes

isekaiexpress.cloud/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2

82.118.242.147

200 OK

80 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301
Size
80 kB (80148 bytes)
Hash
c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/fonts/font-awesome/fa-solid-900.woff2 HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/themes/spirit/assets/frontend/css/font-awesome.min.css
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:31 GMT
Content-Type: application/octet-stream
Content-Length: 80148
Last-Modified: Mon, 12 Feb 2024 21:31:40 GMT
Connection: keep-alive
ETag: "65ca8e3c-13914"
Accept-Ranges: bytes

fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3
ValidityMon, 19 Feb 2024 08:18:37 GMT - Mon, 13 May 2024 08:18:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19280, version 1.0
Size
19 kB (19280 bytes)
Hash
386fb59be54b2d819064af98e57cc226
9e2d14d736be97ec84bfca3513558450cd6e3249
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

HTTP Headers

GET /s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://isekaiexpress.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19280
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 17 Mar 2024 10:46:38 GMT
expires: Mon, 17 Mar 2025 10:46:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
age: 64913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint4B:01:90:58:08:51:40:F4:08:F1:16:D3:92:26:EE:6C:CD:EA:5A:C3
ValidityMon, 19 Feb 2024 08:18:37 GMT - Mon, 13 May 2024 08:18:36 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://isekaiexpress.cloud
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 14 Mar 2024 11:03:59 GMT
expires: Fri, 14 Mar 2025 11:03:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 323072
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

isekaiexpress.cloud/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png

82.118.242.147

200 OK

5.0 kB

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced
Size
5.0 kB (5016 bytes)
Hash
a9a8c24cea41bed7ef78ed1d12d48291
cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:32 GMT
Content-Type: image/png
Content-Length: 5016
Last-Modified: Mon, 12 Feb 2024 21:31:44 GMT
Connection: keep-alive
ETag: "65ca8e40-1398"
Accept-Ranges: bytes

fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i

142.250.74.170

200 OK

2.6 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9E:E7:D6:4D:90:F3:03:3F:5B:5D:E8:16:08:EC:F1:23:5C:22:AF:2F
ValidityMon, 19 Feb 2024 08:18:43 GMT - Mon, 13 May 2024 08:18:42 GMT

File type
gzip compressed data, max compression
Size
2.6 kB (2631 bytes)
Hash
b23f28cf1b1b5ceabf9c2c7297ec5baf
db00a7a4524d68850da87a40b87030c880108959
5a28bc3da3ced454be81079960fc72ec5bd5bb150db9edc3b7a5b682a2102422

HTTP Headers

GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 18 Mar 2024 04:48:31 GMT
date: Mon, 18 Mar 2024 04:48:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.freedownloadmanager.org/new/fdm_06.gif

74.117.181.203

200 OK

2.3 kB

URL GET HTTP/2
www.freedownloadmanager.org/new/fdm_06.gif
IP
74.117.181.203:443
ASN
#40824 WZ-US-40824

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerSectigo Limited
Subject*.freedownloadmanager.org
Fingerprint6C:C2:97:52:D5:8C:61:17:3A:84:E4:44:10:B3:D2:FD:D4:EC:3D:5B
ValidityMon, 13 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 88 x 31
Size
2.3 kB (2276 bytes)
Hash
72d1dada9b4c559c1edc90a3a4492b46
f9008479a75bbc510918792c6b5c0aa8ae0769a4
1c9be65c59fe86261ff9b6ccd5fd3a0d86515021a316f06cdeaa6117f0ccfaa0

HTTP Headers

GET /new/fdm_06.gif HTTP/1.1
Host: www.freedownloadmanager.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 18 Mar 2024 04:48:32 GMT
content-type: image/gif
content-length: 2276
last-modified: Sat, 16 Sep 2023 17:18:42 GMT
etag: "6505e372-8e4"
expires: Tue, 18 Mar 2025 04:48:32 GMT
cache-control: max-age=31536000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.170

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9E:E7:D6:4D:90:F3:03:3F:5B:5D:E8:16:08:EC:F1:23:5C:22:AF:2F
ValidityMon, 19 Feb 2024 08:18:43 GMT - Mon, 13 May 2024 08:18:42 GMT

File type
gzip compressed data, max compression
Size
11 kB (10580 bytes)
Hash
16616476524d11e51196d25f47b23dc9
eb52fcd94376e91fe98b7228c273bcff625a4551
3cfdf73cc2cbbdc465c97d20cf5b09297eede8e17b098e2a74de7e2c2cc2b879

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 18 Mar 2024 04:48:31 GMT
date: Mon, 18 Mar 2024 04:48:31 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

isekaiexpress.cloud/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png

82.118.242.147

200 OK

447 B

URL GET HTTP/1.1
isekaiexpress.cloud/themes/spirit/assets/frontend/img/favicon/favicon-16x16.png
IP
82.118.242.147:443
ASN
#201133 Verdina Ltd.

Requested by
https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Certificate
IssuerLet's Encrypt
Subjectisekaiexpress.cloud
FingerprintD6:73:A0:01:8B:24:62:B0:E2:60:E6:01:20:FC:A7:95:C9:7A:D9:24
ValidityMon, 12 Feb 2024 20:52:01 GMT - Sun, 12 May 2024 20:52:00 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
447 B (447 bytes)
Hash
f3d5da06fe8d5a2425d5d229285e5eea
01032b864f3c74bbf44771e2ba41eeb2251fad90
d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1
Host: isekaiexpress.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://isekaiexpress.cloud/um/pure-onyx-0.100.0-win.zip
Cookie: filehosting=v63grchi7lcci4irpt4rcd4bfa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 18 Mar 2024 04:48:32 GMT
Content-Type: image/png
Content-Length: 447
Last-Modified: Mon, 12 Feb 2024 21:31:45 GMT
Connection: keep-alive
ETag: "65ca8e41-1bf"
Accept-Ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash