Report - 92.204.133.142/

Report Overview

Submitted URL
92.204.133.142/
IP
92.204.133.142
ASN
#398108 GO-DADDY-COM-LLC
Submitted
2024-04-18 11:36:57
Access
public
Website Title
CADzation DWG to PDF Conversion
Final URL
92.204.133.142/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
92.204.133.142	unknown	unknown	No data	No data	13 kB	2.2 MB	92.204.133.142
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	2.7 kB	177 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	2.3 kB	33 kB	216.58.207.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed
2024-04-18	medium	92.204.133.142	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	92.204.133.142/js/plugins.js	562 kB	2023-06-04	2024-04-18
Pretty URL 92.204.133.142/js/plugins.js IP 92.204.133.142 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-04 22:53:13 Last Seen2024-04-18 13:37:03 Times Seen6 Hash f0d2c0bbbdef879e94edce7e88003baa 9160144993ac2da36fc1740d37d44e560beee8cc c17b1a4a236be94902f20290a418911c2441cbfbd4a4e04fcc3f72ab38d976b5 Loading...

	92.204.133.142/js/functions.js	127 kB	2023-03-12	2024-04-18
Pretty URL 92.204.133.142/js/functions.js IP 92.204.133.142 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:10:26 Last Seen2024-04-18 13:37:04 Times Seen5 Hash 78a300d8b03609f68cef1b5c73e3d7c9 b5fa3b2e98423461d5f2546b3b0edb09f0677a9b 9a664866023704ea6d63e3e16b33ee6bfc563f54fb2cf802771770d1088fdf88 Loading...

	92.204.133.142/	99 B	2024-04-18	2024-04-18
Pretty URL 92.204.133.142/ IP 92.204.133.142 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 13:37:04 Last Seen2024-04-18 13:37:04 Times Seen1 Hash 6c7d487f00c4afbe010c2452089a92c8 0790ecb5d0fd9202bd9e4ec7a95f1e3fbb32d837 d2f0c92f0f4341c20c8fb1b0c54103cf3f9d90e09c8fd7f30da2c979279b7023 Loading...

	92.204.133.142/js/jquery.js	96 kB	2023-03-07	2024-04-18
Pretty URL 92.204.133.142/js/jquery.js IP 92.204.133.142 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:39:00 Last Seen2024-04-18 13:37:04 Times Seen30 Hash cdce6651c76bcdd9ed88e4c28b076730 a75e1d1015f3ec7ea87e94926bb2f01a3421dcc4 9801c1c9ecc18a5361fbb2188614518c84837fd23cdcc5dafde214c7efc5ba61 Loading...

HTTP Transactions (40)

URL IP Response Size

92.204.133.142/

92.204.133.142

200 OK

146 B

URL User Request GET HTTP/2
92.204.133.142/
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
HTML document, ASCII text
Size
146 B (146 bytes)
Hash
6a0fb20ef80d3e33f8f131429ee2f4d8
e71f2e4b796111bf9757fe120a882ef1fe016b9d
e94c6b1af67f3e7d4e44ece228108165efaae10a572af23489e7dde7f38cbdfd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://92.204.133.142/
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: https://www.swreg.org
Date: Thu, 18 Apr 2024 11:36:29 GMT
Content-Length: 146

92.204.133.142/

92.204.133.142

200 OK

23 kB

URL User Request GET HTTP/2
92.204.133.142/
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
23 kB (23427 bytes)
Hash
f3ae57fa613042569bee47f2364a38af
305ebed5f401d3e07bb878c42fa116124f1cb178
687a3c9c0caf9d7a3cb8f45f8a4b8b70012a008c7573f280ab41a92100b0d35d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 23427
X-Firefox-Spdy: h2

92.204.133.142/css/font-icons.css

92.204.133.142

200 OK

53 kB

URL GET HTTP/2
92.204.133.142/css/font-icons.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text
Size
53 kB (53335 bytes)
Hash
c8a26a6daec2301ebf6e8dbbc4dfbed0
f59ec53a3dbf033d5482c2b9162e7ec3a98a65e9
39f3f0e75114d42699b963a3c8204a85ce4fe3ec32942e5226ba9717b885a338

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font-icons.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:02:01 GMT
accept-ranges: bytes
etag: "801a6286c2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 53335
X-Firefox-Spdy: h2

92.204.133.142/css/dark.css

92.204.133.142

200 OK

64 kB

URL GET HTTP/2
92.204.133.142/css/dark.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text, with CRLF line terminators
Size
64 kB (63745 bytes)
Hash
ac1a97fbc284481bb454ab29ef7aa878
792d58939b937ad6bdd6d12d4ca3a5d2d009b05c
b86ffc9378c4e0100f71f456b7a32d3bc981b41e97fa9fd2d9dbc2298f323efa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/dark.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 10 Jan 2017 01:32:09 GMT
accept-ranges: bytes
etag: "80f2f25be16ad21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 63745
X-Firefox-Spdy: h2

92.204.133.142/css/magnific-popup.css

92.204.133.142

200 OK

8.7 kB

URL GET HTTP/2
92.204.133.142/css/magnific-popup.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text
Size
8.7 kB (8729 bytes)
Hash
42e41fb7cb3dfea5f0b109e1acfb4232
a62a29e13fff1f5d4627c8c003dea1130f4a4367
c0359a11481ad731b95da24cbab56389f914995f5475a407507a51f2c10d3542

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/magnific-popup.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:01:46 GMT
accept-ranges: bytes
etag: "049151f6c2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 8729
X-Firefox-Spdy: h2

92.204.133.142/css/bootstrap.css

92.204.133.142

200 OK

158 kB

URL GET HTTP/2
92.204.133.142/css/bootstrap.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text, with very long lines (540), with CRLF line terminators
Size
158 kB (158006 bytes)
Hash
30d7024d9e89627484bda86cdda09108
2c9c6cc505a0e35e1437d2347e7fa3300738c12b
2c5d2f131e75cbdfaba97306fdf868fe139d991a9fbca44fb41dd75383c170bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Wed, 06 Sep 2017 22:45:08 GMT
accept-ranges: bytes
etag: "0b21bca6127d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 158006
X-Firefox-Spdy: h2

92.204.133.142/css/animate.css

92.204.133.142

200 OK

78 kB

URL GET HTTP/2
92.204.133.142/css/animate.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
78 kB (78141 bytes)
Hash
ff17c246f26a91e56bf3a09a63f71d6d
f5afa6782e3e28d27545f4108581e809c1f6b24e
67ea22ad919fea6c523531f188a637750fbce8c0335599aa78ea633bbceca2d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:01:00 GMT
accept-ranges: bytes
etag: "03eaa36c2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 78141
X-Firefox-Spdy: h2

92.204.133.142/css/responsive.css

92.204.133.142

200 OK

54 kB

URL GET HTTP/2
92.204.133.142/css/responsive.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text, with very long lines (437), with CRLF line terminators
Size
54 kB (54459 bytes)
Hash
6a4e88bb435438e592cfa812a0e27c2f
89d5723125e231ef36f0238cb327af8e74f12c68
3ae8f86ae9797bc9063cb0ce4762c4922eeba10da3df5eb8929b7cf2139883e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/responsive.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Tue, 25 Oct 2016 03:18:45 GMT
accept-ranges: bytes
etag: "8058747e6e2ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 54459
X-Firefox-Spdy: h2

92.204.133.142/cadzation_res/font-awesome.css

92.204.133.142

200 OK

36 kB

URL GET HTTP/2
92.204.133.142/cadzation_res/font-awesome.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (412), with CRLF line terminators
Size
36 kB (36429 bytes)
Hash
57144939e53c9da99091034cc7720154
fa4c66b9dc68dffe2e1cf832854ece48ddd0b1ae
662e767870c41944803ab701dff96ca60a7be3f66ba649a904303f06affcfcbd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_res/font-awesome.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
last-modified: Fri, 17 Jun 2016 20:59:22 GMT
accept-ranges: bytes
etag: "0715c1fdbc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 36429
X-Firefox-Spdy: h2

92.204.133.142/style-cadzation.css

92.204.133.142

200 OK

7.6 kB

URL GET HTTP/2
92.204.133.142/style-cadzation.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text, with very long lines (7623), with CRLF line terminators
Size
7.6 kB (7625 bytes)
Hash
de782e55c320892ce185b624a1a85d21
7effb5a68cf4d7a1b94ad97d3f783db97a803d1a
3912668ee6be6c131190e0b0e36f1391f27c5aa10eed38ffa54d329c6a11f51a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style-cadzation.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/css
last-modified: Thu, 03 Nov 2016 04:08:51 GMT
accept-ranges: bytes
etag: "804be3fb8735d21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 7625
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/logo.png

92.204.133.142

200 OK

3.4 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/logo.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Size
3.4 kB (3395 bytes)
Hash
fb7a1ec1ea74df94a182b197c7ce8114
a7c8c5820ce05b3f6767e13c972dd581fd0d6b7a
b1de32b3f8a0a62e63d0cef8f521da7046eb1c74ac63b4c17457b28ced1a7534

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/logo.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 3395
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/logo@2x.png

92.204.133.142

200 OK

4.9 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/logo@2x.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 500 x 200, 8-bit colormap, non-interlaced
Size
4.9 kB (4949 bytes)
Hash
67dbeb72057f2cc31420b8499dd585d3
75eaf9b2b597de690cd64b70625bef84586ca733
0a0605de476212ac00cce1c22377eb8af606e387131ef929296584688ec17c39

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/logo@2x.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 4949
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/recentnews.png

92.204.133.142

200 OK

12 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/recentnews.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 93 x 60, 8-bit/color RGBA, non-interlaced
Size
12 kB (12031 bytes)
Hash
08837702e86930203c0774b67774f1cd
65bd773ca6d684a80c114e53b8bd6b0a4d9940c1
672a9b24e4f34f50b5ca12252f542d4ab3ca4537fab9a9ed7fe502ccd2656596

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/recentnews.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 21 Mar 2017 16:55:54 GMT
accept-ranges: bytes
etag: "049bd064a2d21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 12031
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/linesmerge.png

92.204.133.142

200 OK

181 B

URL GET HTTP/2
92.204.133.142/cadzation_img/linesmerge.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 62 x 62, 4-bit colormap, non-interlaced
Size
181 B (181 bytes)
Hash
d2d3bc56f8c1b909a13ddad1e77f61f5
f8c7019762dbbc4febef19e0fa02cc1d997800e1
cbf3947bf42774bce1920d30cd0df51c465bdfef21607a87b0aa93fea8f6453c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/linesmerge.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 181
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/logo-dark@200x40.png

92.204.133.142

200 OK

2.8 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/logo-dark@200x40.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 200 x 40, 8-bit colormap, non-interlaced
Size
2.8 kB (2788 bytes)
Hash
1fab83522632f9f0512e3216f08a0396
bf9ae885908641914f5d846b1d58e440ebdcca7d
4f62c793c48c3e90df225f794293b002c05771a74d632e0b9f3be6d8a44c3ac2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/logo-dark@200x40.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 2788
X-Firefox-Spdy: h2

92.204.133.142/style.css

92.204.133.142

200 OK

212 kB

URL GET HTTP/2
92.204.133.142/style.css
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
212 kB (211991 bytes)
Hash
78fdccbaeb7f04258531f48409d10508
281ad8c8e0a892fdb187ec5293370078be22ba0f
248be906a871f0d782801c6c7f47af8801bc1cac2d365d6337496c94d9063bf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/css
last-modified: Thu, 21 Jan 2021 19:18:28 GMT
accept-ranges: bytes
etag: "09a77322af0d61:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 211991
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/acroplotsuite_750x500.jpg

92.204.133.142

200 OK

70 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/acroplotsuite_750x500.jpg
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3
Size
70 kB (69849 bytes)
Hash
630f1235aab4fd9f0dfb6e76290684ac
5f816db5c86847dea418c529d140c3f9ea28f183
1711904238f7810aa65b14339b081b7be350a630a4110d3389f11b5d94c60c9f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/acroplotsuite_750x500.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:14 GMT
accept-ranges: bytes
etag: "0572f8a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 69849
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/acroplotauto_750x500.jpg

92.204.133.142

200 OK

49 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/acroplotauto_750x500.jpg
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x666, components 3
Size
49 kB (49269 bytes)
Hash
7940c87cacca48b6f25fbe9ca0cbe3bc
778788ec0600aa6bab025601bf240f9648d796b0
54be4bfc517184e37f57516c29e974c37bbd9ca3c4bf7597c3d1f3ece104f468

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/acroplotauto_750x500.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:14 GMT
accept-ranges: bytes
etag: "0572f8a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 49269
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/acroplotrepro_750x500.jpg

92.204.133.142

200 OK

68 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/acroplotrepro_750x500.jpg
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3
Size
68 kB (68195 bytes)
Hash
9adca9f0db9c5ae8363a0368647be4dc
1c267f835a56cf485e45b6c4a45f67fdfb0ea9e4
2141bd1983a2038bb6113d589aef3b8c8a82f5bd5a91324c3f7dd149dd4c2a9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/acroplotrepro_750x500.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:12 GMT
accept-ranges: bytes
etag: "0d840f7a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 68195
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/Adsk_ADN_AuthorizedD_M_Wht.png

92.204.133.142

200 OK

1.2 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/Adsk_ADN_AuthorizedD_M_Wht.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 145 x 35, 8-bit colormap, non-interlaced
Size
1.2 kB (1191 bytes)
Hash
e577277f6c305b86e376ddc0d99d8698
7d035bda700253770e40554b3dacc2f4c35868a7
bbb6ce4ce600ab6c7464d0d3b97b6dd4691f5db567cdbce7bc9bfd73f069e97e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/Adsk_ADN_AuthorizedD_M_Wht.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 1191
X-Firefox-Spdy: h2

92.204.133.142/js/jquery.js

92.204.133.142

200 OK

96 kB

URL GET HTTP/2
92.204.133.142/js/jquery.js
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65451), with CRLF line terminators
Size
96 kB (95954 bytes)
Hash
cdce6651c76bcdd9ed88e4c28b076730
a75e1d1015f3ec7ea87e94926bb2f01a3421dcc4
9801c1c9ecc18a5361fbb2188614518c84837fd23cdcc5dafde214c7efc5ba61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.js HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 06 Sep 2017 22:26:51 GMT
accept-ranges: bytes
etag: "80c73e3c5f27d31:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 95954
X-Firefox-Spdy: h2

92.204.133.142/js/functions.js

92.204.133.142

200 OK

127 kB

URL GET HTTP/2
92.204.133.142/js/functions.js
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JavaScript source, ASCII text, with very long lines (491), with CRLF line terminators
Size
127 kB (126684 bytes)
Hash
78a300d8b03609f68cef1b5c73e3d7c9
b5fa3b2e98423461d5f2546b3b0edb09f0677a9b
9a664866023704ea6d63e3e16b33ee6bfc563f54fb2cf802771770d1088fdf88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/functions.js HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Fri, 17 Jun 2016 19:38:46 GMT
accept-ranges: bytes
etag: "067e1dccfc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 126684
X-Firefox-Spdy: h2

92.204.133.142/js/plugins.js

92.204.133.142

200 OK

562 kB

URL GET HTTP/2
92.204.133.142/js/plugins.js
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (23754), with CRLF line terminators
Size
562 kB (561893 bytes)
Hash
d3c8ea5d089906bafb94e41d55637bbb
0e740e0f7fa4fcbe42ea56b7bdb6966bf9e12e72
42142711b7b7e9b1f59aee53e3498757a12d1a5687c497a64ef8c0ac0ec846b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/plugins.js HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Fri, 17 Jun 2016 19:38:46 GMT
accept-ranges: bytes
etag: "067e1dccfc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 561893
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/acroplotsuite_1920x1080.jpg

92.204.133.142

200 OK

249 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/acroplotsuite_1920x1080.jpg
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2560x1440, components 3
Size
249 kB (248566 bytes)
Hash
d93d532a09adfab2f41edac431ab4271
3cde4f465f122f073b621484bed296128d1337d8
7d37c5d41b4b49671d3e0091d31d3439cf66d32cb1846c0de52e45a7b7a412d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/acroplotsuite_1920x1080.jpg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/style-cadzation.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/jpeg
last-modified: Tue, 25 Oct 2016 09:27:14 GMT
accept-ranges: bytes
etag: "0572f8a12ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 248566
X-Firefox-Spdy: h2

92.204.133.142/images/icons/iconalt.svg

92.204.133.142

200 OK

312 B

URL GET HTTP/2
92.204.133.142/images/icons/iconalt.svg
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
SVG Scalable Vector Graphics image
Size
312 B (312 bytes)
Hash
a58e730537997f3cdc49ae3ea1878ca5
af30ad370fd7232d44d69b5a9f613d75fa32f417
361017d06db35a5760aca46eb1d07db22ea1b3389c1ce52ee5e21973dc67a307

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/icons/iconalt.svg HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/svg+xml
last-modified: Wed, 12 Mar 2014 23:57:24 GMT
accept-ranges: bytes
etag: "04a4bd04e3ecf1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:32 GMT
content-length: 312
X-Firefox-Spdy: h2

92.204.133.142/css/fonts/font-icons.woff

92.204.133.142

200 OK

180 kB

URL GET HTTP/2
92.204.133.142/css/fonts/font-icons.woff
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
Web Open Font Format, CFF, length 179736, version 1.0
Size
180 kB (179736 bytes)
Hash
49d544be262deb157694b7501e3283b8
3ca362bc7f39ff6648bccce71a65dd4372c916b4
13de66596d19798ffdcad167e0913ab7afddc5ad944f669242dbeb87814843d4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/font-icons.woff HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/css/font-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: font/x-woff
last-modified: Fri, 17 Jun 2016 19:38:26 GMT
accept-ranges: bytes
etag: "0a5f5d0cfc8d11:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 179736
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.131

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 185521
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/spinnaker/v19/w8gYH2oyX-I0_rvR6HmX23YK.woff2

142.250.74.131

200 OK

10 kB

URL GET HTTP/2
fonts.gstatic.com/s/spinnaker/v19/w8gYH2oyX-I0_rvR6HmX23YK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10480, version 1.0
Size
10 kB (10480 bytes)
Hash
384f7f79a88734e8c84556ae756e5fcc
ccbaacd081ae44135b38435c235486aada5d4e49
30fed205471d2e627b18975eb3276714519ba417be9fa25be5d4e2b3efcede8c

HTTP Headers

GET /s/spinnaker/v19/w8gYH2oyX-I0_rvR6HmX23YK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:16:42 GMT
expires: Fri, 18 Apr 2025 03:16:42 GMT
cache-control: public, max-age=31536000
age: 29991
last-modified: Thu, 24 Aug 2023 21:53:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.131

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:14:58 GMT
expires: Wed, 16 Apr 2025 02:14:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 206495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.131

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 185521
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

92.204.133.142/images/preloader-dark.gif

92.204.133.142

200 OK

2.2 kB

URL GET HTTP/2
92.204.133.142/images/preloader-dark.gif
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
GIF image data, version 89a, 24 x 24
Size
2.2 kB (2165 bytes)
Hash
69522f0d3bc89c43483f1d9d1f966a2b
11376f4639851e7969107d2128abbcba6435bf03
815b0caef99b4fe4e2ed6377732fabe05af8b9c377febb22a19c56f68c52a1dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/preloader-dark.gif HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/css/dark.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/gif
last-modified: Thu, 29 Jan 2015 21:21:08 GMT
accept-ranges: bytes
etag: "07a307f93cd01:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 2165
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/logo-dark.png

92.204.133.142

200 OK

3.3 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/logo-dark.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 250 x 100, 8-bit colormap, non-interlaced
Size
3.3 kB (3282 bytes)
Hash
7fe5afec6ec5a9c15524d32ee6043a10
752f9aaf979ff770f4c8ca2e478881b97f5160e5
3cb0a0faa76706e782ccf6f2081b6f12dcac6de42b6c181958a826eacd33215f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/logo-dark.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 3282
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/logo-dark@2x.png

92.204.133.142

200 OK

4.9 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/logo-dark@2x.png
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
PNG image data, 500 x 200, 8-bit colormap, non-interlaced
Size
4.9 kB (4941 bytes)
Hash
3d0c6356d232f50d66eb28ce61cad299
943bdff4574699022f28dfbe7172d40d177f58f0
7c49a0fd3ab102357ea248d85c9d5812dfd3c54e636aeef5093afe44dae4873c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/logo-dark@2x.png HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/png
last-modified: Tue, 25 Oct 2016 09:28:16 GMT
accept-ranges: bytes
etag: "078661da22ed21:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 4941
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.131

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://92.204.133.142
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:14:58 GMT
expires: Wed, 16 Apr 2025 02:14:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
age: 206495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

92.204.133.142/cadzation_img/favicon.ico

92.204.133.142

200 OK

24 kB

URL GET HTTP/2
92.204.133.142/cadzation_img/favicon.ico
IP
92.204.133.142:443
ASN
#398108 GO-DADDY-COM-LLC

Requested by
https://92.204.133.142/
Certificate
IssuerGoDaddy.com, Inc.
Subjectcadzation.com
FingerprintAC:07:9D:67:73:F4:04:A3:20:3E:55:89:6D:79:87:A5:5D:1B:6A:3A
ValidityFri, 02 Jun 2023 11:15:26 GMT - Wed, 03 Jul 2024 11:15:26 GMT

File type
MS Windows icon resource - 7 icons, 48x48, 8 bits/pixel, 32x32, 8 bits/pixel
Size
24 kB (24238 bytes)
Hash
4c2c401fcb37bb87e530db1438d6ffb6
ca8091ad362d911a41e47e80fb01ce6bb8ebf490
a10f661f8593b86f17d010fdcd2590f4956c8dccd4e7878a8c3a7789be499e9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cadzation_img/favicon.ico HTTP/1.1
Host: 92.204.133.142
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: image/x-icon
last-modified: Tue, 24 Sep 2013 12:14:38 GMT
accept-ranges: bytes
etag: "08b96a31fb9ce1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
access-control-allow-origin: https://www.swreg.org
date: Thu, 18 Apr 2024 11:36:33 GMT
content-length: 24238
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700

216.58.207.234

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
11 kB (11194 bytes)
Hash
b69c29c8c917c014d6f4b79752d8ce0b
71a580b2e8792ba930815bcca3bda73e7715ca3f
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic

216.58.207.234

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
12 kB (12006 bytes)
Hash
8763d474cd4128c60efae40cd6ea9171
80e6a9893ef04440d2a653af0880750774070519
0e1677d661fe9267bb8f8ae5cb269eabbb2915a32436a63491febd945c55f8a9

HTTP Headers

GET /css?family=Lato:300,400,400italic,600,700|Raleway:300,400,500,600,700|Crete+Round:400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Spinnaker:400,700

216.58.207.234

200 OK

750 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Spinnaker:400,700
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (766), with no line terminators
Size
750 B (750 bytes)
Hash
0c80f4b640198c0207cf85f539c5540a
eb30f7a1d1f6ab2235221cc5e6e122079a390548
dc6774faa4e18e13a860ea065be7abddb8f12e3d16ed0293f577682181013d20

HTTP Headers

GET /css?family=Spinnaker:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:400,700

216.58.207.234

200 OK

3.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,700
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (3520), with no line terminators
Size
3.4 kB (3440 bytes)
Hash
33cc8247adb15606dc2a75a81f4437bf
0640197a8569aa0d5fd4fa3e665058602cc58534
6ac4d9219bcf5a755e4bbb88b9049421a6cf4e65a409ecf8278614d0b7abc5f0

HTTP Headers

GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Libre+Franklin:400,700

216.58.207.234

200 OK

2.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Libre+Franklin:400,700
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://92.204.133.142/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (2400), with no line terminators
Size
2.4 kB (2352 bytes)
Hash
b1871c40e64cf158e3da80245a1db414
e10f62275a10c1d24dfd3642fefd780e1d47b8b6
d05f070a9d33d146164b646df043f277801c8578ae7dc27ec7b56918bece8ddd

HTTP Headers

GET /css?family=Libre+Franklin:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://92.204.133.142/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 11:36:32 GMT
date: Thu, 18 Apr 2024 11:36:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (40)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size