Report - utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:

Report Overview

Submitted URL
utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
IP
143.204.55.87
ASN
#16509 AMAZON-02
Submitted
2024-05-10 04:38:31
Access
public
Website Title
Not Authorized · μTorrent Web
Final URL
utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
utweb.rainberrytv.com	unknown	2022-04-22	2022-12-07	2024-03-03	2.3 kB	126 kB	143.204.55.87
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.1 kB	58 kB	216.58.207.227
127.0.0.1:19575	unknown	unknown	No data	No data	499 B	0 B	0.0.0.0
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	430 B	284 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	127.0.0.1	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	utweb.rainberrytv.com/gui/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL utweb.rainberrytv.com/gui/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 16:12:15 Times Seen351235 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 16:12:15 Times Seen350720 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-Z28525QR15	283 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-Z28525QR15 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 06:38:37 Last Seen2024-05-10 06:38:38 Times Seen2 Hash cd3d58b5b8b8c9b6b0c9387ba9db957b 653741904a8d59ea660afc456d45b7f07fde2346 153574ecac9717beae9feb2a96bfb8fc151c6ec7fc43eea90c84a0eb19580572 Loading...

	utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:	953 B	2023-04-09	2024-05-20
Pretty URL utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598: IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 14:39:25 Last Seen2024-05-20 01:25:35 Times Seen114 Hash a62c82ed2619b0a6e5fdc5534c38304c 709f6c51b0a62e3984bc4a3e4f81a5b7e5481c0a a00a28b8d0d7b6a8de216513ea296c8602aa6d371c29d88878e3ed7cd589b834 Loading...

	utweb.rainberrytv.com/gui/static/js/start.js	4.2 kB	2023-06-29	2024-05-20
Pretty URL utweb.rainberrytv.com/gui/static/js/start.js IP 143.204.55.87 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 16:42:51 Last Seen2024-05-20 01:25:35 Times Seen85 Hash 4b24d43086935bfc6a1c5494af985b46 086880a97975bbed7cc5f83b749b38c76c041b3e 1a2c04411df3f44bbb919c408141f82aa85aa119f3f848c67f713aa9e0afff5f Loading...

	utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:	764 B	2023-04-09	2024-05-20
Pretty URL utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598: IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-09 14:39:25 Last Seen2024-05-20 01:25:35 Times Seen114 Hash 21db38e471c7a0202a33609c8ad6a018 f063bc1d711b9aabf66db78f85e29fcce4bb7121 bc842df5824b7f04ca0e9e6787eb541bd0470602231258cf9c5457e991e65679 Loading...

	unknown	1.1 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 06:38:37 Last Seen2024-05-10 06:38:37 Times Seen1 Hash 80141f37753b20e6d598cff8470e7673 470ca5803381a6401e1af4a0d105cce7ae3de5d5 29d62c7035ccece53387f9af9fcb3cd0035d7971d04600bdd2ee041d7d7c246a Loading...

	utweb.rainberrytv.com/gui/static/js/base64.js	1.5 kB	2023-04-09	2024-05-20
Pretty URL utweb.rainberrytv.com/gui/static/js/base64.js IP 143.204.55.87 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 14:39:25 Last Seen2024-05-20 01:25:35 Times Seen117 Hash 3dd016900a667df4caf79e04fcb23bbb 3154c1dc530011727d9d27b82176ca43dd74434f cdf97fe6715fa46711fd39e19826bdaf38e09bf774ba6a9bc3812fcaf91d9f26 Loading...

HTTP Transactions (9)

URL IP Response Size

utweb.rainberrytv.com/gui/static/imgs/ut-favicon.ico

143.204.55.87

200 OK

4.3 kB

URL GET HTTP/2
utweb.rainberrytv.com/gui/static/imgs/ut-favicon.ico
IP
143.204.55.87:443
ASN
#16509 AMAZON-02

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerAmazon
Subject*.rainberrytv.com
FingerprintB0:96:C2:1B:10:2C:94:97:B7:55:EC:FE:8B:30:C7:31:66:77:10:FC
ValiditySun, 11 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
4945a47bd094566a117942d85acedc9f
6105f806156b5c1ce48b8137a16d6d1001e11299
f5d02ba6c0fb8255ca702a5d88556186b481437d7ab32180235d97fbce46da5a

HTTP Headers

GET /gui/static/imgs/ut-favicon.ico HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 06 May 2024 21:01:36 GMT
server: AmazonS3
date: Fri, 10 May 2024 02:51:56 GMT
etag: "4945a47bd094566a117942d85acedc9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YBgFztr6XEHOwRWaTq7LwGz1bV4cUeyQfCpPHXcCmBlerHIScVVHQg==
age: 6371
X-Firefox-Spdy: h2

utweb.rainberrytv.com/gui/noauth.html

143.204.55.87

200 OK

110 kB

URL GET HTTP/2
utweb.rainberrytv.com/gui/noauth.html
IP
143.204.55.87:443
ASN
#16509 AMAZON-02

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerAmazon
Subject*.rainberrytv.com
FingerprintB0:96:C2:1B:10:2C:94:97:B7:55:EC:FE:8B:30:C7:31:66:77:10:FC
ValiditySun, 11 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
110 kB (109531 bytes)
Hash
8911927b2e4585783d342d90fbf2fd35
909f86c7c9bbcc5008998f2a0965ba0f12bbc5ef
ea12a6df94f56d2218c6544ddc45d1c6420b85c1d6358a6885e1c3cd2616e042

HTTP Headers

GET /gui/noauth.html HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
date: Fri, 10 May 2024 03:11:10 GMT
last-modified: Thu, 09 May 2024 19:30:52 GMT
etag: W/"85cbec83e1edcc33f66e4ef26f892926"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a9Exrjlxm9JOQsqnbikQfti6k-DJZpPZBTDaFC-EmKT4j_idgTppMQ==
age: 5217
X-Firefox-Spdy: h2

fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28224, version 1.0
Size
28 kB (28224 bytes)
Hash
6e95e894bf3dab542264c4bfbe7e677a
c5ef8b858caf7920d451d43f37ea65de3736716c
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

HTTP Headers

GET /s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://utweb.rainberrytv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:53:13 GMT
expires: Fri, 09 May 2025 01:53:13 GMT
cache-control: public, max-age=31536000
age: 96293
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

216.58.207.227

200 OK

28 kB

URL GET HTTP/2
fonts.gstatic.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 28224, version 1.0
Size
28 kB (28224 bytes)
Hash
6e95e894bf3dab542264c4bfbe7e677a
c5ef8b858caf7920d451d43f37ea65de3736716c
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

HTTP Headers

GET /s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://utweb.rainberrytv.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:53:13 GMT
expires: Fri, 09 May 2025 01:53:13 GMT
cache-control: public, max-age=31536000
age: 96293
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

utweb.rainberrytv.com/gui/static/imgs/ut-favicon.ico

143.204.55.87

200 OK

4.3 kB

URL GET HTTP/2
utweb.rainberrytv.com/gui/static/imgs/ut-favicon.ico
IP
143.204.55.87:443
ASN
#16509 AMAZON-02

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerAmazon
Subject*.rainberrytv.com
FingerprintB0:96:C2:1B:10:2C:94:97:B7:55:EC:FE:8B:30:C7:31:66:77:10:FC
ValiditySun, 11 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
4945a47bd094566a117942d85acedc9f
6105f806156b5c1ce48b8137a16d6d1001e11299
f5d02ba6c0fb8255ca702a5d88556186b481437d7ab32180235d97fbce46da5a

HTTP Headers

GET /gui/static/imgs/ut-favicon.ico HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
DNT: 1
Connection: keep-alive
Cookie: _ga_Z28525QR15=GS1.1.1715315886.1.0.1715315886.0.0.0; _ga=GA1.1.138271434.1715315887
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
last-modified: Mon, 06 May 2024 21:01:36 GMT
server: AmazonS3
date: Fri, 10 May 2024 02:51:56 GMT
etag: "4945a47bd094566a117942d85acedc9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MQLNU2yNjUziOCkRVVQgeOWgzdIpavjg-JuPVZI2YXLOpvFrk89P8w==
age: 6371
X-Firefox-Spdy: h2

utweb.rainberrytv.com/gui/static/js/base64.js

143.204.55.87

200 OK

1.5 kB

URL GET HTTP/2
utweb.rainberrytv.com/gui/static/js/base64.js
IP
143.204.55.87:443
ASN
#16509 AMAZON-02

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerAmazon
Subject*.rainberrytv.com
FingerprintB0:96:C2:1B:10:2C:94:97:B7:55:EC:FE:8B:30:C7:31:66:77:10:FC
ValiditySun, 11 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1521), with no line terminators
Size
1.5 kB (1501 bytes)
Hash
d608eb353d93bb6b500d5fc37968bb8c
1552413397a07afd815969902b145dce046b2227
cefef6f7d787443958a51a4c4e44119014a73008d873ab5bc2ea1fb897a60e8f

HTTP Headers

GET /gui/static/js/base64.js HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
date: Fri, 10 May 2024 02:57:48 GMT
last-modified: Thu, 09 May 2024 19:31:01 GMT
etag: W/"3dd016900a667df4caf79e04fcb23bbb"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W8f8K1ZN33Xv3T7C9uF4UnqV9InzYEjstDQL8g373lE1Qz99svdeYQ==
age: 6019
X-Firefox-Spdy: h2

utweb.rainberrytv.com/gui/static/js/start.js

143.204.55.87

200 OK

4.2 kB

URL GET HTTP/2
utweb.rainberrytv.com/gui/static/js/start.js
IP
143.204.55.87:443
ASN
#16509 AMAZON-02

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerAmazon
Subject*.rainberrytv.com
FingerprintB0:96:C2:1B:10:2C:94:97:B7:55:EC:FE:8B:30:C7:31:66:77:10:FC
ValiditySun, 11 Jun 2023 00:00:00 GMT - Wed, 10 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (4369), with no line terminators
Size
4.2 kB (4230 bytes)
Hash
75ebd8a59581c5754ac7300c3460d84a
87c67e722ead7accd7bc359ee57bd25c9e65a35b
8043b547b0efa8eea480e71d68790f5668002fc917fa4bd9993ed126931ef333

HTTP Headers

GET /gui/static/js/start.js HTTP/1.1
Host: utweb.rainberrytv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-javascript
last-modified: Mon, 06 May 2024 21:01:39 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 10 May 2024 01:07:26 GMT
etag: W/"4b24d43086935bfc6a1c5494af985b46"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3yG5C7eV3X542ler-tcLBJ7-dSzEkqA8DE0fAUi1enT5G3UYTIsZew==
age: 12640
X-Firefox-Spdy: h2

127.0.0.1:19575/gui/token.html?t=1715315886373&localauth=localapi4b64d7cda89aa598:

0.0.0.0

0 B

URL GET
127.0.0.1:19575/gui/token.html?t=1715315886373&localauth=localapi4b64d7cda89aa598:
IP
0.0.0.0:0
ASN
#0

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /gui/token.html?t=1715315886373&localauth=localapi4b64d7cda89aa598: HTTP/1.1
Host: 127.0.0.1:19575
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
Origin: https://utweb.rainberrytv.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.googletagmanager.com/gtag/js?id=G-Z28525QR15

142.250.74.168

200 OK

283 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-Z28525QR15
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://utweb.rainberrytv.com/gui/index.html?v=1.4.0.5759&localauth=localapi4b64d7cda89aa598:
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
283 kB (283188 bytes)
Hash
cd3d58b5b8b8c9b6b0c9387ba9db957b
653741904a8d59ea660afc456d45b7f07fde2346
153574ecac9717beae9feb2a96bfb8fc151c6ec7fc43eea90c84a0eb19580572

HTTP Headers

GET /gtag/js?id=G-Z28525QR15 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utweb.rainberrytv.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 04:38:06 GMT
expires: Fri, 10 May 2024 04:38:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)