Report - demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag

Report Overview

Visited public
2023-12-06 23:49:32
Tags
Submit Tags
URL
demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Finishing URL
demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
IP / ASN
52.38.176.100
#16509 AMAZON-02
Title
Manage Your Subscription

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
p.typekit.net	620	2010-08-02	2012-05-23 16:28:57	2023-12-06 05:11:35	572 B	371 B	23.33.119.50
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-06 11:33:58	350 B	942 B	143.204.53.97
demandtechreports.benchurl.com	unknown	2014-04-11	2018-02-26 12:57:53	2023-12-05 08:22:06	5.5 kB	178 kB	52.35.250.25
use.typekit.com	14731	2006-07-11	2012-05-23 16:28:56	2023-12-06 10:03:32	3.9 kB	123 kB	23.36.76.186

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed
2023-12-06	medium	benchurl.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	use.typekit.com/oai6wkl.js	ScriptElement	18 kB	2023-04-11	2024-08-21
Pretty URL use.typekit.com/oai6wkl.js IP 23.36.76.186 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 23:23 Last Seen2024-08-21 08:28 Times Seen148 Hash 1ef84ed60077f08690b8f9ccac36ad1c f7fd68d756c23da073d8bac13db8b4cbe093ba5f 70ed4bee3174c13328a52a37df0f8acc4efde9bf2ae3fc9ec2e2ae185e516386 Loading...

	demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag	ScriptElement	0 B	0001-01-01	2025-07-05
Pretty URL demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag IP 52.35.250.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-05 16:28 Times Seen5289962 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag	ScriptElement	0 B	0001-01-01	2025-07-05
Pretty URL demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag IP 52.35.250.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-05 16:28 Times Seen5289962 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	demandtechreports.benchurl.com/script/jquery-1.7.1.min.js	ScriptElement	147 kB	2023-03-07	2025-02-06
Pretty URL demandtechreports.benchurl.com/script/jquery-1.7.1.min.js IP 52.35.250.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01 Last Seen2025-02-06 07:38 Times Seen345 Hash 42cf237d7b8d41da174502d8f4ddfcd2 92fdfa9e11d8ab103bb22047ebab12333631bcd8 7f4f6940064931390ca6686d8a593a3038e1a6f33bb4dc9d3ae612d9b2d799c3 Loading...

HTTP Transactions (18)

URL IP Response Size

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
051fe626bb3fa0522b0739b5f8fe67d0
d521fd408c352163a04a9cfdd7685cec5861ce7f
0927c068f315d1a4d5036aa5f366bc44299bc3f76b7fe953e4b3e2b26e29abd9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 06 Dec 2023 23:49:15 GMT
Last-Modified: Wed, 06 Dec 2023 23:01:09 GMT
Server: ECAcc (amb/6AFD)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T3BGJ5N_KlaCX66LF-soZaos6u4I2L1E2AFpky9lMB8lUP98NlM8AQ==
Age: 2886

GET demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag

52.35.250.25

200 OK

3.8 kB

URL User Request GET HTTP/2
demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1708), with CRLF line terminators
Size
3.8 kB (3827 bytes)
Hash
91dcc8425e090f10b25863d0471cecf0
8cc37aecfa9415b704e697ed9cc432b827364ae0
b11b5e030e34b4b64b408fa31b07e4adc8e7d1f833b27bc79e91cc752f198d80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:15 GMT
content-type: text/html; charset=utf-8
content-length: 3827
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
set-cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-xss-protection: 0
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/script/jquery-1.7.1.min.js

52.35.250.25

200 OK

49 kB

URL GET HTTP/2
demandtechreports.benchurl.com/script/jquery-1.7.1.min.js
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33076), with CRLF line terminators
Size
49 kB (48981 bytes)
Hash
42cf237d7b8d41da174502d8f4ddfcd2
92fdfa9e11d8ab103bb22047ebab12333631bcd8
7f4f6940064931390ca6686d8a593a3038e1a6f33bb4dc9d3ae612d9b2d799c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /script/jquery-1.7.1.min.js HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:15 GMT
content-type: application/javascript
content-length: 48981
content-encoding: gzip
last-modified: Fri, 28 Sep 2012 12:59:01 GMT
accept-ranges: bytes
etag: "8058bc7799dcd1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/css/header.css

52.35.250.25

200 OK

13 kB

URL GET HTTP/2
demandtechreports.benchurl.com/css/header.css
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (419), with CRLF line terminators
Size
13 kB (13271 bytes)
Hash
96ff5db6547f62ab1273cba92d9c9eed
eb7442bb2f5f83966156bd288ea4953c4a7d5a4c
e2c4aab64c2c89ea7280cf53346f8fc9e051de8f8acf01e0d75d57217169db11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/header.css HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:15 GMT
content-type: text/css
content-length: 13271
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 18:41:16 GMT
accept-ranges: bytes
etag: "06e3947261cd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET use.typekit.com/oai6wkl.js

23.36.76.186

200 OK

6.7 kB

URL GET HTTP/2
use.typekit.com/oai6wkl.js
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2258)
Size
6.7 kB (6734 bytes)
Hash
341d5f7ee42ae3d9b3d54b68d5318ff6
509fc3b4f8469ce3ea90ca74ff407386bb47b8c5
ae8c31c790d8028094778b6eb6e77c780eb51d6c79030ebf816b06c90b104695

HTTP Headers

GET /oai6wkl.js HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6734
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET use.typekit.com/af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3

23.36.76.186

200 OK

18 kB

URL GET HTTP/2
use.typekit.com/af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 18504, version 1.0\012- data
Size
18 kB (18504 bytes)
Hash
5cf4886debc81650fb7f6d93f03a503f
06e254aa32bcf2b5aa8bf1cea25568da56cf0495
e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2

HTTP Headers

GET /af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demandtechreports.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18504
etag: "f9e85be3f0c8dcdcbd6f0a8471a46280ab7bf664"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET use.typekit.com/af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19048, version 1.0\012- data
Size
19 kB (19048 bytes)
Hash
c58007eb95f4647b0fec64ff9429d800
252e0416e4b297e09b4d9244efa79cd9a3c72d43
1d4797f8814994226060d66485b71446067211dbdf5d1799c437c3ee63258d21

HTTP Headers

GET /af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demandtechreports.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19048
etag: "131c73b236b0a451c55436b26d3b7857d5a10680"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET use.typekit.com/af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19056, version 1.0\012- data
Size
19 kB (19056 bytes)
Hash
dddf341025f47901da49cc060730048c
83dc9cee8403778310f2fb5bd0e675192ddddf21
3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d

HTTP Headers

GET /af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demandtechreports.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19056
etag: "518c5f781d51642b3cf2290d365b9b8257de6e1f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET use.typekit.com/af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 18692, version 1.0\012- data
Size
19 kB (18692 bytes)
Hash
39f53d4a2d3741ca8ae973750256c214
cc904f0c5a3e1a9530798207091ea974155b4c1c
f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d

HTTP Headers

GET /af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demandtechreports.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18692
etag: "80987524f2c82c2a36d727971941de8401d3f316"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2

52.35.250.25

200 OK

26 kB

URL GET HTTP/2
demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26116, version 7.0\012- data
Size
26 kB (26116 bytes)
Hash
a3f4bf30367a861f8a16f8c3a9029720
fc2b32c0f6c90e3119dd5e68dd86b062dcbc142a
6953e91532c8a4027421f3ec28b38ff4a2d03a7ab9f60a0a686a0eecbc0cf3e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2 HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:20 GMT
content-type: application/font-woff2
content-length: 26116
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET use.typekit.com/af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3

23.36.76.186

200 OK

20 kB

URL GET HTTP/2
use.typekit.com/af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19524, version 1.0\012- data
Size
20 kB (19524 bytes)
Hash
fcb5c1dd5b07e3786979f619d8af41eb
8142eae602abd9abb15f886673773480082cb2ed
12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af

HTTP Headers

GET /af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demandtechreports.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19524
etag: "c85de2b0c8d27e8ecb10964d9c709a0e5397550c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET use.typekit.com/af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3

23.36.76.186

200 OK

19 kB

URL GET HTTP/2
use.typekit.com/af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
IP
23.36.76.186:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 19188, version 1.0\012- data
Size
19 kB (19188 bytes)
Hash
2052aabaa0038dd2e272016311a0e54b
fddfd48f49a13dee5e2f311d412ce837fdbe6faa
6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d

HTTP Headers

GET /af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://demandtechreports.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19188
etag: "8887aa07a5e31ddeba60d1317cef52532c1e4862"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2

52.35.250.25

200 OK

26 kB

URL GET HTTP/2
demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26268, version 7.0\012- data
Size
26 kB (26268 bytes)
Hash
19ebcf5625bb72dc4ab22f9190b17a5a
c7fd59a75bafab683587ecd2829662a137e88d93
da4b872cba131f9b516b0f3512a1799358568c7961df90d134ffe6aa10c4b5d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2 HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:20 GMT
content-type: application/font-woff2
content-length: 26268
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Light.woff2

52.35.250.25

200 OK

26 kB

URL GET HTTP/2
demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Light.woff2
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26048, version 7.0\012- data
Size
26 kB (26048 bytes)
Hash
cf5f99a932802c3db892dc004bb7e48a
00801d6a023a2cb6bf03dfe0513d8b6721efb682
5b70004d9d7b33848a564f72ba6e3caf9d409594e59e79426733e2d6167c48ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-Light.woff2 HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:20 GMT
content-type: application/font-woff2
content-length: 26048
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET p.typekit.net/p.gif?s=1&k=oai6wkl&ht=tk&h=demandtechreports.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1701906566764

23.33.119.50

200 OK

35 B

URL GET HTTP/2
p.typekit.net/p.gif?s=1&k=oai6wkl&ht=tk&h=demandtechreports.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1701906566764
IP
23.33.119.50:443
ASN
#20940 Akamai International B.V.

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

HTTP Headers

GET /p.gif?s=1&k=oai6wkl&ht=tk&h=demandtechreports.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1701906566764 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Wed, 06 Dec 2023 23:49:20 GMT
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-SemiBold.woff2

52.35.250.25

200 OK

26 kB

URL GET HTTP/2
demandtechreports.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-SemiBold.woff2
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 26200, version 7.0\012- data
Size
26 kB (26200 bytes)
Hash
fd5254e5646086ed97bed0737315ae1b
0e36af0e295b96693375c3cd3b321083135ec8e7
de624aeea37498628577acc2389f507969c11a500ef4179057c9bd9cb5e019fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/fonts/MessinaSans/MessinaSansWeb-SemiBold.woff2 HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/css/header.css
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:20 GMT
content-type: application/font-woff2
content-length: 26200
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/images/favicon.png

52.35.250.25

200 OK

1.1 kB

URL GET HTTP/2
demandtechreports.benchurl.com/images/favicon.png
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1077 bytes)
Hash
98afef26b0752d4e1c796cd7e224d300
26e39cc4862b2955012e3912d1749392969f80e0
56339793ef6148fdf17378abccd5ac5b1714e3eb639a272919e3c34272d5da41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:20 GMT
content-type: image/png
content-length: 1077
last-modified: Mon, 04 Feb 2019 16:12:19 GMT
accept-ranges: bytes
etag: "57dda267a4bcd41:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

GET demandtechreports.benchurl.com/images/apple-icon-touch.png

52.35.250.25

200 OK

4.0 kB

URL GET HTTP/2
demandtechreports.benchurl.com/images/apple-icon-touch.png
IP
52.35.250.25:443
ASN
#16509 AMAZON-02

Requested by
https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Certificate
IssuerAmazon
Subject*.benchurl.com
Fingerprint7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
ValiditySat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Size
4.0 kB (3973 bytes)
Hash
8af45137d382b5063c8768af7526cf62
7cbff95a75254816d988a6867eb18b3af8b3f7f5
e51cd97d39afb1437022f77609690597d7c593c8e90517a296f85f6055b44e2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/apple-icon-touch.png HTTP/1.1
Host: demandtechreports.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://demandtechreports.benchurl.com/c/su?e=174DEBD&c=E2D1B&t=0&l=E05C70C0&email=laWvLF9EFCOhJ7bnWY9TbKTdT9TQc6ag
Cookie: ASP.NET_SessionId=aisl5sugpc3n2qd3x5qlv3zt
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 06 Dec 2023 23:49:20 GMT
content-type: image/png
content-length: 3973
last-modified: Fri, 24 Mar 2017 22:54:46 GMT
accept-ranges: bytes
etag: "497472a2f1a4d21:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP