Report - ddna.top/project/barmaley

Report Overview

Submitted URL
ddna.top/project/barmaley
IP
162.19.139.143
ASN
#16276 OVH SAS
Submitted
2024-04-16 03:36:10
Access
public
Website Title
Небходимо пройти провеку
Final URL
ddna.top/project/barmaley
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ddna.top	unknown	unknown	No data	No data	3.2 kB	16 kB	162.19.139.143
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-15	515 B	12 kB	142.250.74.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-15	1.0 kB	27 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-15	medium	ddna.top/project/barmaley	PayPal Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (7)

URL IP Response Size

ddna.top/favicon.ico

162.19.139.143

200 OK

1.4 kB

URL GET HTTP/1.1
ddna.top/favicon.ico
IP
162.19.139.143:443
ASN
#16276 OVH SAS

Requested by
https://ddna.top/project/barmaley
Certificate
IssuerLet's Encrypt
Subjectddna.top
FingerprintD0:D7:DE:C9:F0:92:A3:CB:31:22:5D:36:07:BD:DC:BD:FE:5A:5D:5E
ValiditySat, 13 Apr 2024 08:30:08 GMT - Fri, 12 Jul 2024 08:30:07 GMT

File type
data
Size
1.4 kB (1391 bytes)
Hash
bc1066f3fffecbb11a53f0adc5aabc05
d8cd152cbdecd9ec03c485717a2c66a3baf8129c
1dc616788dc2bb5275a72abaeb636f3d6e6ba79861b47b74f68272a86e53a317

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ddna.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ddna.top/project/barmaley
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Apr 2024 03:35:45 UTC
Referrer-Policy: same-origin
Server: CloudWarden
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

ddna.top/capcha/2a2b6fad-cd2b-4858-b7a1-f5a6892ab94e.jpg

162.19.139.143

200 OK

8.5 kB

URL GET HTTP/1.1
ddna.top/capcha/2a2b6fad-cd2b-4858-b7a1-f5a6892ab94e.jpg
IP
162.19.139.143:443
ASN
#16276 OVH SAS

Requested by
https://ddna.top/project/barmaley
Certificate
IssuerLet's Encrypt
Subjectddna.top
FingerprintD0:D7:DE:C9:F0:92:A3:CB:31:22:5D:36:07:BD:DC:BD:FE:5A:5D:5E
ValiditySat, 13 Apr 2024 08:30:08 GMT - Fri, 12 Jul 2024 08:30:07 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 413x139, components 3
Size
8.5 kB (8520 bytes)
Hash
eafb046ff09798edf954e18b7696b43c
d69360b6e133e09944f72706cf3ae3d06418838d
cb17940f024bfe5e99f9ff01e54d00dbe9bb252f0984c19084b584a8f6c3db46

HTTP Headers

GET /capcha/2a2b6fad-cd2b-4858-b7a1-f5a6892ab94e.jpg HTTP/1.1
Host: ddna.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddna.top/project/barmaley
Cookie: msft=cl.b631b30b5a88107daad507607f60cdb4//69IEtZ3-_LbKBDnL0_g0BNVhDy-2E_py4K-UkNEhUY4=; access=9bc42570a1b980ac589ea83f640c671656fdc9271adb3efcc3d87cc97ef02bfd0d15fbcb314d5ca3334c669b3bb35183d3e2dfc1b1434340dfb9863e6524bb20d8123fb73f431b576fb36864d69740d0c583d731980ef8cf9be3560c30854586f65a52fd1ae11e1978c9cfff8e419d95f985ebeacd6e3e4c3e602f31e4606e794fc76f980c2e049ab92e9f8bcbb320ff43cbef618de4a64b94c34e5b1c1613a4a5f34fe6b36188db01195f9bcf7cccc1cc7c708d11b84e0234aa2a2148b7a51ff3295ea0142ec6ef8c5f119c483066bdea17a35c06c727020ec913f4b5c007c64d91d8df57a5779ce8751c4baa5dc6a467e216e25131adbda4828dad529680ebd39916197a6f826ee4917145f779c177ef8bdc64f0310daf; uniq=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 8520
Accept-Ranges: bytes
Cache-Control: max-age=21600
Connection: keep-alive
Content-Encoding: br
Content-Type: image/jpeg
Date: Tue, 16 Apr 2024 03:35:45 GMT
Etag: "657d605c-22f2"
Last-Modified: Sat, 16 Dec 2023 08:31:24 GMT
Server: CloudWarden
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Ua-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

ddna.top/favicon.ico

162.19.139.143

200 OK

589 B

URL GET HTTP/1.1
ddna.top/favicon.ico
IP
162.19.139.143:443
ASN
#16276 OVH SAS

Requested by
https://ddna.top/project/barmaley
Certificate
IssuerLet's Encrypt
Subjectddna.top
FingerprintD0:D7:DE:C9:F0:92:A3:CB:31:22:5D:36:07:BD:DC:BD:FE:5A:5D:5E
ValiditySat, 13 Apr 2024 08:30:08 GMT - Fri, 12 Jul 2024 08:30:07 GMT

File type
MS Windows icon resource - 1 icon, 60x60, 32 bits/pixel
Size
589 B (589 bytes)
Hash
3674021a7e16fd3f86d52750089dfe54
32b1749f30490250049fbc3e7dbf94d03a520b66
f3cb74c089b7fb133fbf8d63e5b563410676cde0c73c7b96dc6da8551b0629f5

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ddna.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddna.top/project/barmaley
Cookie: msft=cl.b631b30b5a88107daad507607f60cdb4//69IEtZ3-_LbKBDnL0_g0BNVhDy-2E_py4K-UkNEhUY4=; access=9bc42570a1b980ac589ea83f640c671656fdc9271adb3efcc3d87cc97ef02bfd0d15fbcb314d5ca3334c669b3bb35183d3e2dfc1b1434340dfb9863e6524bb20d8123fb73f431b576fb36864d69740d0c583d731980ef8cf9be3560c30854586f65a52fd1ae11e1978c9cfff8e419d95f985ebeacd6e3e4c3e602f31e4606e794fc76f980c2e049ab92e9f8bcbb320ff43cbef618de4a64b94c34e5b1c1613a4a5f34fe6b36188db01195f9bcf7cccc1cc7c708d11b84e0234aa2a2148b7a51ff3295ea0142ec6ef8c5f119c483066bdea17a35c06c727020ec913f4b5c007c64d91d8df57a5779ce8751c4baa5dc6a467e216e25131adbda4828dad529680ebd39916197a6f826ee4917145f779c177ef8bdc64f0310daf; uniq=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 589
Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: br
Content-Type: image/x-icon
Date: Tue, 16 Apr 2024 03:35:45 GMT
Etag: "6618937f-3a5e"
Last-Modified: Fri, 12 Apr 2024 01:50:55 GMT
Server: CloudWarden
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Ua-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.170

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://ddna.top/project/barmaley
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
11 kB (10855 bytes)
Hash
48a3491552d067db0c92ff82a0d42a06
d5d5333cc6f0396e7c12a93cc31a601b6f2fe926
b08ddfa43fb4bfdc390f568e868a367806c0bc06ffb35a6c8d077be5abee87bb

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ddna.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 03:35:45 GMT
date: Tue, 16 Apr 2024 03:35:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ddna.top/project/barmaley
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ddna.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:01 GMT
expires: Fri, 11 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 435525
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ddna.top/project/barmaley

162.19.139.143

200 OK

2.9 kB

URL User Request GET HTTP/1.1
ddna.top/project/barmaley
IP
162.19.139.143:443
ASN
#16276 OVH SAS

Certificate
IssuerLet's Encrypt
Subjectddna.top
FingerprintD0:D7:DE:C9:F0:92:A3:CB:31:22:5D:36:07:BD:DC:BD:FE:5A:5D:5E
ValiditySat, 13 Apr 2024 08:30:08 GMT - Fri, 12 Jul 2024 08:30:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2942), with no line terminators
Size
2.9 kB (2851 bytes)
Hash
711e76f22f81f1b03b85bb6fb89be01b
64cc8f0f109f612a5d7ec8f05fc5c3caf2e17f12
3fd2428f028afd1fcd3a6a16559eb137d4f1a2e49e969479e08dc8fae681c164

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	PayPal Inc.

HTTP Headers

GET /project/barmaley HTTP/1.1
Host: ddna.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: msft=cl.b631b30b5a88107daad507607f60cdb4//69IEtZ3-_LbKBDnL0_g0BNVhDy-2E_py4K-UkNEhUY4=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 16 Apr 2024 03:35:45 GMT
Etag: W/"b23-5DcJfy7uP3KTDmexlU7RP/Drc0U"
Server: CloudWarden
Set-Cookie: access=9bc42570a1b980ac589ea83f640c671656fdc9271adb3efcc3d87cc97ef02bfd0d15fbcb314d5ca3334c669b3bb35183d3e2dfc1b1434340dfb9863e6524bb20d8123fb73f431b576fb36864d69740d0c583d731980ef8cf9be3560c30854586f65a52fd1ae11e1978c9cfff8e419d95f985ebeacd6e3e4c3e602f31e4606e794fc76f980c2e049ab92e9f8bcbb320ff43cbef618de4a64b94c34e5b1c1613a4a5f34fe6b36188db01195f9bcf7cccc1cc7c708d11b84e0234aa2a2148b7a51ff3295ea0142ec6ef8c5f119c483066bdea17a35c06c727020ec913f4b5c007c64d91d8df57a5779ce8751c4baa5dc6a467e216e25131adbda4828dad529680ebd39916197a6f826ee4917145f779c177ef8bdc64f0310daf; Max-Age=600; Path=/; Expires=Tue, 16 Apr 2024 03:45:45 GMT; HttpOnly; Secure; SameSite=Strict
uniq=true; Max-Age=600000; Path=/; Expires=Tue, 23 Apr 2024 02:15:45 GMT; HttpOnly; Secure; SameSite=Strict
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Express
X-Ua-Compatible: IE=Edge
X-Xss-Protection: 1; mode=block

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

142.250.74.131

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://ddna.top/project/barmaley
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ddna.top
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:03 GMT
expires: Fri, 11 Apr 2025 02:37:03 GMT
cache-control: public, max-age=31536000
age: 435523
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (7)

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections