Report - 185.95.26.76/

Report Overview

Submitted URL
185.95.26.76/
IP
185.95.26.76
ASN
#51468 One.com A/S
Submitted
2024-05-04 13:00:58
Access
public
Website Title
185.95.26.76/
Final URL
185.95.26.76/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	451 B	9.4 kB	216.58.207.234
185.95.26.76	unknown	unknown	No data	No data	718 B	806 B	185.95.26.76
placeholder.hostnet.nl	unknown	1999-01-05	2017-02-04	2023-12-23	2.8 kB	106 kB	91.184.8.112
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	437 B	35 kB	216.58.211.10
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	525 B	17 kB	216.58.207.227
placeholder.thebrandstones.nl	unknown	unknown	No data	No data	512 B	8.0 kB	185.95.26.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	185.95.26.76	Sinkholed
2024-05-04	medium	185.95.26.76	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js	93 kB	2023-03-07	2024-05-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:12:05 Last Seen2024-05-23 14:40:26 Times Seen6428 Hash 0b6ecf17e30037994d3ffee51b525914 d09d3a99ed25d0f1fbe6856de9e14ffd33557256 f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729 Loading...

	placeholder.hostnet.nl/vps/	872 B	2023-03-10	2024-05-04
Pretty URL placeholder.hostnet.nl/vps/ IP 91.184.8.112 ASN #51468 One.com A/S Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 00:42:39 Last Seen2024-05-04 15:01:04 Times Seen5 Hash 2cb1aa43d710ce211fc03049cc983e28 713d098ff5918c2b14a2430edbb7625eef8d7a88 af7cdd00effe857f61500ade1ee02b4065d3e502e1414fa8ea957548a2c4015f Loading...

HTTP Transactions (12)

URL IP Response Size

185.95.26.76/

185.95.26.76

200 OK

121 B

URL User Request GET HTTP/1.1
185.95.26.76/
IP
185.95.26.76:80
ASN
#51468 One.com A/S

File type
HTML document, ASCII text, with no line terminators
Size
121 B (121 bytes)
Hash
8f6f2d3e31c1e80ab1f3655d6859196e
cee1b877e76e6e02498b511b4af4254c776d7924
0b1ef6caa0ca757756e178ee5f4c1d8b332ed8a389cf91a095abc683f895f06d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 185.95.26.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Sat, 04 May 2024 13:00:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 06 Feb 2024 09:03:02 GMT
ETag: W/"87-610b2d881d5f4"
Content-Encoding: gzip

185.95.26.76/favicon.ico

185.95.26.76

404 Not Found

184 B

URL GET HTTP/1.1
185.95.26.76/favicon.ico
IP
185.95.26.76:80
ASN
#51468 One.com A/S

Requested by
http://185.95.26.76/

File type
HTML document, ASCII text
Size
184 B (184 bytes)
Hash
18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 185.95.26.76
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://185.95.26.76/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.24.0
Date: Sat, 04 May 2024 13:00:33 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

placeholder.hostnet.nl/vps/

91.184.8.112

200 OK

16 kB

URL GET HTTP/2
placeholder.hostnet.nl/vps/
IP
91.184.8.112:443
ASN
#51468 One.com A/S

Requested by
https://placeholder.thebrandstones.nl/
Certificate
IssuerSectigo Limited
Subject*.hostnet.nl
Fingerprint02:1A:B5:AA:7E:D1:06:A8:5B:79:E0:47:3B:20:B3:6D:AA:86:1F:D3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (560)
Size
16 kB (16268 bytes)
Hash
886b05290c75e9f54c025a855a552a24
41aca44013869c60bb3df9800657d8963947c7de
429d4b679b9666e4515a6d8c7eba5a094ca0242b6cb94a5bc62840851a649eb9

HTTP Headers

GET /vps/ HTTP/1.1
Host: placeholder.hostnet.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://placeholder.thebrandstones.nl/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2024 15:16:05 GMT
etag: "3f8c-610a3f0be9740"
accept-ranges: bytes
content-length: 16268
content-type: text/html; charset=UTF-8
date: Sat, 04 May 2024 13:00:33 GMT
server: Apache
X-Firefox-Spdy: h2

placeholder.hostnet.nl/css/general.css

91.184.8.112

200 OK

7.6 kB

URL GET HTTP/2
placeholder.hostnet.nl/css/general.css
IP
91.184.8.112:443
ASN
#51468 One.com A/S

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerSectigo Limited
Subject*.hostnet.nl
Fingerprint02:1A:B5:AA:7E:D1:06:A8:5B:79:E0:47:3B:20:B3:6D:AA:86:1F:D3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
assembler source, ASCII text
Size
7.6 kB (7551 bytes)
Hash
6498b58237a3b0e597afa164baabc9dc
d4e2de83c0b7356be293e15329657195bdf0f00b
983f5b6b80b318d1c58a8baefdaba98202f940b18670c1ea681054769fcc343c

HTTP Headers

GET /css/general.css HTTP/1.1
Host: placeholder.hostnet.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placeholder.hostnet.nl/vps/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2024 15:16:05 GMT
etag: "1d7f-610a3f0be9740"
accept-ranges: bytes
content-length: 7551
content-type: text/css
date: Sat, 04 May 2024 13:00:33 GMT
server: Apache
X-Firefox-Spdy: h2

placeholder.hostnet.nl/css/base.css

91.184.8.112

200 OK

2.0 kB

URL GET HTTP/2
placeholder.hostnet.nl/css/base.css
IP
91.184.8.112:443
ASN
#51468 One.com A/S

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerSectigo Limited
Subject*.hostnet.nl
Fingerprint02:1A:B5:AA:7E:D1:06:A8:5B:79:E0:47:3B:20:B3:6D:AA:86:1F:D3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (322)
Size
2.0 kB (1976 bytes)
Hash
2947ba7019f5b227781e3965fe978545
0ca8f2f62510ca0f9fe06c540649a1f07d7f7c25
17ae1c31ed90e40df9fccb6b9887eb618dcc472bde08a2d6fbaa1a1b60e2ee56

HTTP Headers

GET /css/base.css HTTP/1.1
Host: placeholder.hostnet.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placeholder.hostnet.nl/vps/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2024 15:16:05 GMT
etag: "7b8-610a3f0be9740"
accept-ranges: bytes
content-length: 1976
content-type: text/css
date: Sat, 04 May 2024 13:00:33 GMT
server: Apache
X-Firefox-Spdy: h2

placeholder.hostnet.nl/css/vps.css

91.184.8.112

200 OK

283 B

URL GET HTTP/2
placeholder.hostnet.nl/css/vps.css
IP
91.184.8.112:443
ASN
#51468 One.com A/S

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerSectigo Limited
Subject*.hostnet.nl
Fingerprint02:1A:B5:AA:7E:D1:06:A8:5B:79:E0:47:3B:20:B3:6D:AA:86:1F:D3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
ASCII text
Size
283 B (283 bytes)
Hash
f565762406f10f6776e7a87b9125be6e
df8ef88c988e79865452f7f147911a78cda683b3
499813d493e0534bfb574a32974cd5353fcf07c916c1b72bc5701f33858c2861

HTTP Headers

GET /css/vps.css HTTP/1.1
Host: placeholder.hostnet.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placeholder.hostnet.nl/vps/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2024 15:16:05 GMT
etag: "11b-610a3f0be9740"
accept-ranges: bytes
content-length: 283
content-type: text/css
date: Sat, 04 May 2024 13:00:33 GMT
server: Apache
X-Firefox-Spdy: h2

placeholder.hostnet.nl/images/hostnet.svg

91.184.8.112

200 OK

6.2 kB

URL GET HTTP/2
placeholder.hostnet.nl/images/hostnet.svg
IP
91.184.8.112:443
ASN
#51468 One.com A/S

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerSectigo Limited
Subject*.hostnet.nl
Fingerprint02:1A:B5:AA:7E:D1:06:A8:5B:79:E0:47:3B:20:B3:6D:AA:86:1F:D3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
6.2 kB (6195 bytes)
Hash
691fab00956000613fbf9c16fbff0d7a
e233e81ad46fb95424bb71c6d6b0da0003106c1d
1ce420276b228877b53b4662dcc1c57dffd030e39ee09f5d3eb29f062f66c773

HTTP Headers

GET /images/hostnet.svg HTTP/1.1
Host: placeholder.hostnet.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placeholder.hostnet.nl/vps/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2024 15:16:05 GMT
etag: "1833-610a3f0be9740"
accept-ranges: bytes
content-length: 6195
content-type: image/svg+xml
date: Sat, 04 May 2024 13:00:33 GMT
server: Apache
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

216.58.211.10

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65480)
Size
34 kB (33621 bytes)
Hash
0b6ecf17e30037994d3ffee51b525914
d09d3a99ed25d0f1fbe6856de9e14ffd33557256
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

HTTP Headers

GET /ajax/libs/jquery/1.8.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://placeholder.hostnet.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33621
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 01:36:37 GMT
expires: Sat, 03 May 2025 01:36:37 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 127436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

placeholder.hostnet.nl/images/header-vps-desktop.jpg

91.184.8.112

200 OK

71 kB

URL GET HTTP/2
placeholder.hostnet.nl/images/header-vps-desktop.jpg
IP
91.184.8.112:443
ASN
#51468 One.com A/S

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerSectigo Limited
Subject*.hostnet.nl
Fingerprint02:1A:B5:AA:7E:D1:06:A8:5B:79:E0:47:3B:20:B3:6D:AA:86:1F:D3
ValidityMon, 15 Jan 2024 00:00:00 GMT - Thu, 13 Feb 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 970x564, components 3
Size
71 kB (70808 bytes)
Hash
fba17f5fdba9bfc5faa55e490820f336
6c67cdcb8a8da7483bfede2304063ceacd6b3b66
731aa4bc03c729f3fc7150e4de85a894194b3a53cf79f2c59b56e9e58eca558f

HTTP Headers

GET /images/header-vps-desktop.jpg HTTP/1.1
Host: placeholder.hostnet.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://placeholder.hostnet.nl/css/vps.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=31536000; includeSubDomains;
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
last-modified: Mon, 05 Feb 2024 15:16:05 GMT
etag: "11498-610a3f0be9740"
accept-ranges: bytes
content-length: 70808
content-type: image/jpeg
date: Sat, 04 May 2024 13:00:33 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://placeholder.hostnet.nl
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 12717
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

placeholder.thebrandstones.nl/

185.95.26.76

200 OK

7.8 kB

URL GET HTTP/2
placeholder.thebrandstones.nl/
IP
185.95.26.76:443
ASN
#51468 One.com A/S

Requested by
http://185.95.26.76/
Certificate
IssuerLet's Encrypt
Subjectplaceholder.thebrandstones.nl
Fingerprint8F:C8:82:49:09:9B:F9:32:66:0F:8B:67:93:C6:F0:F9:9C:8E:0A:8C
ValidityFri, 05 Apr 2024 13:58:31 GMT - Thu, 04 Jul 2024 13:58:30 GMT

File type
gzip compressed data, max speed, from Unix
Size
7.8 kB (7754 bytes)
Hash
e0965f4c4f5db9449ad499ab0936e101
315e16c5523070870603357238c171a71916659c
e285c2a0db9d5a54c66101ceb2cf8b7f241de778c30a98252176c469be96ea95

HTTP Headers

GET / HTTP/1.1
Host: placeholder.thebrandstones.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://185.95.26.76/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: frame
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 04 May 2024 13:00:33 GMT
content-type: text/html
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 05 Feb 2024 14:15:40 GMT
etag: W/"85-610a318b089e4"
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400,300,500,700

216.58.207.234

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,500,700
IP
216.58.207.234:443
ASN
#15169 GOOGLE

Requested by
https://placeholder.hostnet.nl/vps/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (8956), with no line terminators
Size
8.7 kB (8732 bytes)
Hash
91804c0df51e58b0bf469561e1ac2732
cc5a9023e310b49ef8f8ae32bb89ea774fe116ec
8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa

HTTP Headers

GET /css?family=Roboto:400,300,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://placeholder.hostnet.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 13:00:33 GMT
date: Sat, 04 May 2024 13:00:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (12)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by