Report - sdfsdffsoe.manretellone.com/

Report Overview

Submitted URL
sdfsdffsoe.manretellone.com/
IP
103.122.164.202
ASN
#132372 GB Network Solutions Sdn. Bhd.
Submitted
2023-05-25 05:25:06
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sdfsdffsoe.manretellone.com	unknown	2022-05-09	2023-05-11	2023-05-24	3.5 kB	276 kB	103.122.164.202
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-24	2.0 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-24	1.7 kB	42 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-24	462 B	7.6 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-25 05:24:49	high	103.122.164.202	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)
2023-05-25 05:24:49	high	103.122.164.202	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-25	medium	sdfsdffsoe.manretellone.com/
2023-05-25	medium	sdfsdffsoe.manretellone.com/design/assets/js/main.js
2023-05-25	medium	sdfsdffsoe.manretellone.com/design/assets/js/skel.min.js
2023-05-25	medium	sdfsdffsoe.manretellone.com/design/assets/js/util.js
2023-05-25	medium	sdfsdffsoe.manretellone.com/design/assets/js/jquery.min.js
2023-05-25	medium	sdfsdffsoe.manretellone.com/design/assets/fonts/fontawesome-webfont.woff2?v=4.6.3

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	sdfsdffsoe.manretellone.com/design/assets/js/jquery.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL sdfsdffsoe.manretellone.com/design/assets/js/jquery.min.js IP 103.122.164.202 ASN #132372 GB Network Solutions Sdn. Bhd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-25 06:07:25 Times Seen10382 Hash 895323ed2f7258af4fae2c738c8aea49 276c87ff3e1e3155679c318938e74e5c1b76d809 ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8 Loading...

	sdfsdffsoe.manretellone.com/design/assets/js/skel.min.js	9.1 kB	2023-03-07	2024-04-24
Pretty URL sdfsdffsoe.manretellone.com/design/assets/js/skel.min.js IP 103.122.164.202 ASN #132372 GB Network Solutions Sdn. Bhd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:23 Last Seen2024-04-24 06:22:36 Times Seen392 Hash df4f8930f3747bbadcdeb7dfe326ed73 475a99682e46ad061915a11a9adb3fad82258d3c afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98 Loading...

	sdfsdffsoe.manretellone.com/design/assets/js/util.js	12 kB	2023-03-07	2024-03-03
Pretty URL sdfsdffsoe.manretellone.com/design/assets/js/util.js IP 103.122.164.202 ASN #132372 GB Network Solutions Sdn. Bhd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:23 Last Seen2024-03-03 16:53:00 Times Seen574 Hash 31f3e8b0cbedca627878a2b6d868bc14 3ece9010adc07dd3dc27ced0e22e7ac8bcd16e14 b5424d77c6e517893b9adc5a6cf11428e58461ad9768ad056d918ff1d295c5f6 Loading...

	sdfsdffsoe.manretellone.com/design/assets/js/main.js	1.4 kB	2023-03-07	2024-03-03
Pretty URL sdfsdffsoe.manretellone.com/design/assets/js/main.js IP 103.122.164.202 ASN #132372 GB Network Solutions Sdn. Bhd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:23 Last Seen2024-03-03 16:53:00 Times Seen55 Hash db270d5c79270c678f0d61a61a564cf4 2a777f76f40dff6adaa3310ee4e717773eb337f4 dcf9f77b21059d0daf67c5ed5d1a5ddb15ab149c221b3f1c42b091029f8cdf9f Loading...

HTTP Transactions (19)

URL IP Response Size

sdfsdffsoe.manretellone.com/

103.122.164.202

200 OK

2.0 kB

URL User Request GET HTTP/1.1
sdfsdffsoe.manretellone.com/
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
2.0 kB (1961 bytes)
Hash
3a9239f4ce4d7e3d3c5809353145d824
942bd44429e74f16f92b21a93573a4fc3438615b
c237753328e29896e8daa795bb668f2fcc5e8c99e46a60f31d27d60efd9d5bcd

Detections

Analyzer	Verdict	Alert
fortinet	Spam

HTTP Headers

GET / HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Length: 1961
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

sdfsdffsoe.manretellone.com/design/assets/js/main.js

103.122.164.202

200 OK

1.4 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/js/main.js
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
HTML document, ASCII text
Size
1.4 kB (1406 bytes)
Hash
db270d5c79270c678f0d61a61a564cf4
2a777f76f40dff6adaa3310ee4e717773eb337f4
dcf9f77b21059d0daf67c5ed5d1a5ddb15ab149c221b3f1c42b091029f8cdf9f

Detections

Analyzer	Verdict	Alert
fortinet	Spam

HTTP Headers

GET /design/assets/js/main.js HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:10 GMT
ETag: "57e-5b71004bf28c6"
Accept-Ranges: bytes
Content-Length: 1406
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

sdfsdffsoe.manretellone.com/design/assets/js/skel.min.js

103.122.164.202

200 OK

9.1 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/js/skel.min.js
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
ASCII text, with very long lines (9033)
Size
9.1 kB (9084 bytes)
Hash
df4f8930f3747bbadcdeb7dfe326ed73
475a99682e46ad061915a11a9adb3fad82258d3c
afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98

Detections

Analyzer	Verdict	Alert
fortinet	Spam

HTTP Headers

GET /design/assets/js/skel.min.js HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:09 GMT
ETag: "237c-5b71004ac86f4"
Accept-Ranges: bytes
Content-Length: 9084
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

sdfsdffsoe.manretellone.com/design/assets/js/util.js

103.122.164.202

200 OK

12 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/js/util.js
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
ASCII text
Size
12 kB (11847 bytes)
Hash
31f3e8b0cbedca627878a2b6d868bc14
3ece9010adc07dd3dc27ced0e22e7ac8bcd16e14
b5424d77c6e517893b9adc5a6cf11428e58461ad9768ad056d918ff1d295c5f6

Detections

Analyzer	Verdict	Alert
fortinet	Spam

HTTP Headers

GET /design/assets/js/util.js HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:09 GMT
ETag: "2e47-5b71004b2b8fd"
Accept-Ranges: bytes
Content-Length: 11847
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

sdfsdffsoe.manretellone.com/design/assets/css/main.css

103.122.164.202

200 OK

50 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/css/main.css
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
Unicode text, UTF-8 text, with very long lines (493)
Size
50 kB (50519 bytes)
Hash
b7a629a888785fe79100c67dc5299a10
511bc5bb685372455a8b294523b8a0e5f866cdcb
ec90e49632c33ff1a5d9b2542ccc5cb889b9643ff47011459cb113239abf227c

HTTP Headers

GET /design/assets/css/main.css HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:08 GMT
ETag: "c557-5b710049a0463"
Accept-Ranges: bytes
Content-Length: 50519
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02441e71b96dfcb212dc26c6742966fa
893af98d5499b9838549a364494517859f99e38e
2cffe2846eca0320d66174334f55ba35bd299aff59b40c730f7f4b179d542c7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 05:24:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02441e71b96dfcb212dc26c6742966fa
893af98d5499b9838549a364494517859f99e38e
2cffe2846eca0320d66174334f55ba35bd299aff59b40c730f7f4b179d542c7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 05:24:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sdfsdffsoe.manretellone.com/design/assets/js/jquery.min.js

103.122.164.202

200 OK

96 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/js/jquery.min.js
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
ASCII text, with very long lines (32038)
Size
96 kB (95957 bytes)
Hash
895323ed2f7258af4fae2c738c8aea49
276c87ff3e1e3155679c318938e74e5c1b76d809
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Detections

Analyzer	Verdict	Alert
fortinet	Spam

HTTP Headers

GET /design/assets/js/jquery.min.js HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:10 GMT
ETag: "176d5-5b71004b8fe8d"
Accept-Ranges: bytes
Content-Length: 95957
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

sdfsdffsoe.manretellone.com/design/assets/css/font-awesome.min.css

103.122.164.202

200 OK

30 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/css/font-awesome.min.css
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
ASCII text, with very long lines (30240)
Size
30 kB (30403 bytes)
Hash
7e3f3c12c932a397bafadb7dfda07ebb
a3ee202873390015bbebdce1d4a150c8208043c5
b952b7cf4dd78b5a73326ac7eaf18b9e9ffd06cadff2a54fbe5eaba7c8a42d30

HTTP Headers

GET /design/assets/css/font-awesome.min.css HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/design/assets/css/main.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:50 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:08 GMT
ETag: "76c3-5b71004a0366c"
Accept-Ranges: bytes
Content-Length: 30403
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 05:24:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 05:24:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://sdfsdffsoe.manretellone.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Size
13 kB (12956 bytes)
Hash
1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sdfsdffsoe.manretellone.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:50:09 GMT
expires: Sun, 19 May 2024 07:50:09 GMT
cache-control: public, max-age=31536000
age: 423282
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 05:24:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://sdfsdffsoe.manretellone.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Size
13 kB (13052 bytes)
Hash
7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sdfsdffsoe.manretellone.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 May 2023 00:16:39 GMT
expires: Thu, 23 May 2024 00:16:39 GMT
cache-control: public, max-age=31536000
age: 104892
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://sdfsdffsoe.manretellone.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Size
13 kB (13036 bytes)
Hash
0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

HTTP Headers

GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://sdfsdffsoe.manretellone.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 17:39:39 GMT
expires: Sun, 19 May 2024 17:39:39 GMT
cache-control: public, max-age=31536000
age: 387912
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 05:24:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sdfsdffsoe.manretellone.com/design/assets/fonts/fontawesome-webfont.woff2?v=4.6.3

103.122.164.202

200 OK

72 kB

URL GET HTTP/1.1
sdfsdffsoe.manretellone.com/design/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type
Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Size
72 kB (71896 bytes)
Hash
e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Detections

Analyzer	Verdict	Alert
fortinet	Spam

HTTP Headers

GET /design/assets/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/design/assets/css/font-awesome.min.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 25 May 2023 05:24:51 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 22 Dec 2020 16:25:06 GMT
ETag: "118d8-5b71004876292"
Accept-Ranges: bytes
Content-Length: 71896
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

sdfsdffsoe.manretellone.com/favicon.ico

103.122.164.202

404 Not Found

0 B

URL GET HTTP/1.0
sdfsdffsoe.manretellone.com/favicon.ico
IP
103.122.164.202:80
ASN
#132372 GB Network Solutions Sdn. Bhd.

Requested by
http://sdfsdffsoe.manretellone.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sdfsdffsoe.manretellone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.0 404 Not Found
Date: Thu, 25 May 2023 05:24:51 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://sdfsdffsoe.manretellone.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (7118), with no line terminators
Size
7.0 kB (6950 bytes)
Hash
de995c6d0ef37aefb01b7bfae1532959
15e495627124ede44bd297e2ae604556e57a1cea
63bbf3940e862f18cc296edc328a93b839e5c5f3d423e9a904cff3b19f24e85c

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://sdfsdffsoe.manretellone.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 May 2023 05:24:50 GMT
date: Thu, 25 May 2023 05:24:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections