Report - 84.46.255.42

Report Overview

Submitted URL
84.46.255.42
IP
84.46.255.42
ASN
#51167 Contabo GmbH
Submitted
2024-05-05 08:59:07
Access
public
Website Title
mailcow UI
Final URL
84.46.255.42/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
84.46.255.42	unknown	unknown	2022-11-29	2024-04-16	6.6 kB	1.7 MB	84.46.255.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed
2024-05-05	medium	84.46.255.42	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	84.46.255.42/	556 B	2023-03-13	2024-05-08
Pretty URL 84.46.255.42/ IP 84.46.255.42 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 14:24:52 Last Seen2024-05-08 17:29:40 Times Seen22 Hash cb7a44585af9bf55eca6bafeff8cf683 7b7eb940c87bee93eb91f50a2544c3f499e7880f 36df420a1509ed034001f03ea8089a3a832ec96784ce27d1e6942704c3c612fc Loading...

	84.46.255.42/cache/e595c6fb15432764e19ab4fd52f7c67eca5bfbf4.js	924 kB	2024-04-03	2024-05-08
Pretty URL 84.46.255.42/cache/e595c6fb15432764e19ab4fd52f7c67eca5bfbf4.js IP 84.46.255.42 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 12:28:16 Last Seen2024-05-08 17:29:40 Times Seen9 Hash 9f9e9c22237b70e3ba2da9ba73adbfc5 d2fecd683435d034832dd98402e40acd05899ae3 2381139ba2eb74be91394d53cf9999f7c2639362c853b428f99b00557edc67a6 Loading...

	84.46.255.42/	13 kB	2024-05-05	2024-05-05
Pretty URL 84.46.255.42/ IP 84.46.255.42 ASN #51167 Contabo GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-05 10:59:08 Last Seen2024-05-05 10:59:08 Times Seen1 Hash 4208800e5427a380ea8b109ccdb4ca77 d4d160505d27713e951fb0792b3d3c74d1ce58e1 0924a1c88178902d85a02cdf452b441c7c2599e2b4d5767e45a0ca9508b6870c Loading...

HTTP Transactions (15)

URL IP Response Size

84.46.255.42/

84.46.255.42

7.0 kB

URL User Request GET
84.46.255.42/
IP
84.46.255.42:0
ASN
#51167 Contabo GmbH

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1688), with CRLF, LF line terminators
Size
7.0 kB (7048 bytes)
Hash
6716926d50427c814ab1e3094ac89ed8
4577e356cc7a1958a3d087bae47e1c799d57384c
ad7b195b601b5e6a7239902db111a11d523fcdf54c1cb309867a417e26a77fed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=15768000;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
Content-Encoding: gzip

84.46.255.42/cache/e9d7abaa5bdece3e1bd297a0acd7d21041e36c05.css

84.46.255.42

200 OK

176 kB

URL GET HTTP/1.1
84.46.255.42/cache/e9d7abaa5bdece3e1bd297a0acd7d21041e36c05.css
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Unicode text, UTF-8 text, with very long lines (65170)
Size
176 kB (176048 bytes)
Hash
e36568ff4970a064ab7a57a1c0930cf0
ca7c618e746ff15d70527ccc78ba45f4679f0b5b
56ab678aa3390991067a1f4fa6ed3cfb0ea36ac8c17ac7d7f0794724481ddc17

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/e9d7abaa5bdece3e1bd297a0acd7d21041e36c05.css HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Mon, 05 May 2025 08:58:41 GMT
Pragma: cache
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=15768000;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
Content-Encoding: gzip

84.46.255.42/img/cow_mailcow.svg

84.46.255.42

200 OK

5.2 kB

URL GET HTTP/1.1
84.46.255.42/img/cow_mailcow.svg
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
SVG Scalable Vector Graphics image
Size
5.2 kB (5247 bytes)
Hash
789d7247bcf7cb1dd8c41b70858393a2
d7c19a6abd1ae64f9a9fa3a28fdab75e6faf6c3d
86a8eab3a89e2fa7c65a068a93ed9b94536d58d77d8a931665d101f94bd70786

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/cow_mailcow.svg HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"66165fbc-38d8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Content-Encoding: gzip

84.46.255.42/cache/e595c6fb15432764e19ab4fd52f7c67eca5bfbf4.js

84.46.255.42

200 OK

262 kB

URL GET HTTP/1.1
84.46.255.42/cache/e595c6fb15432764e19ab4fd52f7c67eca5bfbf4.js
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
262 kB (261772 bytes)
Hash
9f9e9c22237b70e3ba2da9ba73adbfc5
d2fecd683435d034832dd98402e40acd05899ae3
2381139ba2eb74be91394d53cf9999f7c2639362c853b428f99b00557edc67a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cache/e595c6fb15432764e19ab4fd52f7c67eca5bfbf4.js HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Mon, 05 May 2025 08:58:41 GMT
Pragma: cache
Cache-Control: max-age=31536000
Strict-Transport-Security: max-age=15768000;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
Content-Encoding: gzip

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-regular.woff2

84.46.255.42

200 OK

157 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-regular.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 156884, version 1.0
Size
157 kB (156884 bytes)
Hash
562c99547de538ff0ba6e31082d63f54
854b89b02edcc2358b34c0bd92847cadab9afaac
16bb3d8fb5c371c9e4fa6b5f313c0a5e2edd911c0ce6d0f9c3cee01e9560a2b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-regular.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: font/woff2
Content-Length: 156884
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-264d4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700.woff2

84.46.255.42

200 OK

155 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 155152, version 1.0
Size
155 kB (155152 bytes)
Hash
c66bedf0712ec4954b9a63d8924c4b9e
6340eceeeb07f4234e0618df488e16062c68f65d
6a2f4003a98a3d8b367702823291c5e43078623288deff831d9d83c8f2db9b16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-700.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: font/woff2
Content-Length: 155152
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-25e10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-italic.woff2

84.46.255.42

200 OK

119 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-italic.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 119256, version 1.0
Size
119 kB (119256 bytes)
Hash
b3bf407526d73f71794361c5fb48290f
9473aff269af1a8912f6e4cfeeb3b20a84b83b21
a954c0a79c10d3b1bc92da8061a74c4bf99ade39a5f0b385de63e14e569a23db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-italic.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: font/woff2
Content-Length: 119256
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-1d1d8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3

84.46.255.42

200 OK

102 kB

URL GET HTTP/1.1
84.46.255.42/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 102536, version 1.0
Size
102 kB (102536 bytes)
Hash
1ed478a6b265d4b4f5c26bb063203588
1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:41 GMT
Content-Type: font/woff2
Content-Length: 102536
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-19088"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700italic.woff2

84.46.255.42

200 OK

125 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700italic.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 125244, version 1.0
Size
125 kB (125244 bytes)
Hash
dc1e0f60d0747904166eb7e3a6b516f3
3013731bd1a4e86083809168666082013810ecbb
0bc6089e574f4e86713e5c4911a09ed7766cdf6b6a23991a7d024ea3df16754d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-700italic.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: font/woff2
Content-Length: 125244
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-1e93c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/api/v1/get/passwordpolicy/html

84.46.255.42

200 OK

20 B

URL GET HTTP/1.1
84.46.255.42/api/v1/get/passwordpolicy/html
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/v1/get/passwordpolicy/html HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://84.46.255.42/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: mail.adaletmail.com
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTION, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, X-Api-Key, Origin
Strict-Transport-Security: max-age=15768000;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
Content-Encoding: gzip

84.46.255.42/favicon.png

84.46.255.42

200 OK

15 kB

URL GET HTTP/1.1
84.46.255.42/favicon.png
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
15 kB (15428 bytes)
Hash
e8abcc13e91dd6b7202be82d96e62463
398391e47cbd5969fec2a2ca990e4e350a3b45de
f07a34e9fb1ca9b35a3403ca35852910f097e95b2119d4ae2f5049259d866fcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.png HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: image/png
Content-Length: 15428
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-3c44"
Strict-Transport-Security: max-age=15768000;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Robots-Tag: none
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700.woff2

84.46.255.42

200 OK

155 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 155152, version 1.0
Size
155 kB (155152 bytes)
Hash
c66bedf0712ec4954b9a63d8924c4b9e
6340eceeeb07f4234e0618df488e16062c68f65d
6a2f4003a98a3d8b367702823291c5e43078623288deff831d9d83c8f2db9b16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-700.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: font/woff2
Content-Length: 155152
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-25e10"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-regular.woff2

84.46.255.42

200 OK

157 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-regular.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 156884, version 1.0
Size
157 kB (156884 bytes)
Hash
562c99547de538ff0ba6e31082d63f54
854b89b02edcc2358b34c0bd92847cadab9afaac
16bb3d8fb5c371c9e4fa6b5f313c0a5e2edd911c0ce6d0f9c3cee01e9560a2b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-regular.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: font/woff2
Content-Length: 156884
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-264d4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-italic.woff2

84.46.255.42

200 OK

119 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-italic.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 119256, version 1.0
Size
119 kB (119256 bytes)
Hash
b3bf407526d73f71794361c5fb48290f
9473aff269af1a8912f6e4cfeeb3b20a84b83b21
a954c0a79c10d3b1bc92da8061a74c4bf99ade39a5f0b385de63e14e569a23db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-italic.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: font/woff2
Content-Length: 119256
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-1d1d8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700italic.woff2

84.46.255.42

200 OK

125 kB

URL GET HTTP/1.1
84.46.255.42/fonts/noto-sans-v12-latin_greek_cyrillic-700italic.woff2
IP
84.46.255.42:80
ASN
#51167 Contabo GmbH

Requested by
http://84.46.255.42/

File type
Web Open Font Format (Version 2), TrueType, length 125244, version 1.0
Size
125 kB (125244 bytes)
Hash
dc1e0f60d0747904166eb7e3a6b516f3
3013731bd1a4e86083809168666082013810ecbb
0bc6089e574f4e86713e5c4911a09ed7766cdf6b6a23991a7d024ea3df16754d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/noto-sans-v12-latin_greek_cyrillic-700italic.woff2 HTTP/1.1
Host: 84.46.255.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://84.46.255.42/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ba7fa0a129a5f5b9ea93487cb9b460be
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 May 2024 08:58:42 GMT
Content-Type: font/woff2
Content-Length: 125244
Last-Modified: Wed, 10 Apr 2024 09:45:32 GMT
Connection: keep-alive
ETag: "66165fbc-1e93c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size