Report - webmail.amanetnonstopdrumultaberei.ro/

Report Overview

Submitted URL
webmail.amanetnonstopdrumultaberei.ro/
IP
89.40.19.92
ASN
#5606 GTS Telecom SRL
Submitted
2022-11-17 23:42:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	59 kB	34.120.237.76
webmail.amanetnonstopdrumultaberei.ro	unknown	2021-04-05T12:40:07Z	2022-11-18T00:41:58Z	7.6 kB	114 kB	89.40.19.92
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.149.219.22
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.comodoca.com	1696	2012-05-21T09:01:17Z	2023-03-10T14:02:39Z	341 B	1.0 kB	104.18.32.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed
2022-11-17	medium	amanetnonstopdrumultaberei.ro	Sinkholed

JavaScript (2)

	URL	Size	First Seen	Last Seen
	webmail.amanetnonstopdrumultaberei.ro/	19 kB	2023-03-11	2023-03-11
Pretty URL webmail.amanetnonstopdrumultaberei.ro/ IP 89.40.19.92 ASN #5606 GTS Telecom SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:40:18 Last Seen2023-03-11 13:40:18 Times Seen1 Hash d99d98090f61d7c18ab1b7b58becc484 8dd5aedeb6e325af0f2864232978ff0c6d643b8b 051d7b4c1c1c7b5c006f8e02660778f7fccdc286b52bb68f04b9c5ba93ee43b8 Loading...

	webmail.amanetnonstopdrumultaberei.ro/	84 B	2023-03-07	2024-04-18
Pretty URL webmail.amanetnonstopdrumultaberei.ro/ IP 89.40.19.92 ASN #5606 GTS Telecom SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-18 12:54:36 Times Seen1350 Hash f88baf75b8e07dd7ec741e96546bc4f7 a74b22312f7ce6ea751190a32f188b305f2e71e3 1e5f5c8697f7a5934a4e88d298805feb7272c5ae7b1a357b44ec0b5289b60a50 Loading...

HTTP Transactions (32)

URL IP Response Size

webmail.amanetnonstopdrumultaberei.ro/

89.40.19.92

301 Moved Permanently

162 B

URL HTTP/1.1
webmail.amanetnonstopdrumultaberei.ro/
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 17 Nov 2022 23:41:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://webmail.amanetnonstopdrumultaberei.ro/
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Surrogate-Control: public, max-age=300
Cache-Control: public, max-age=300

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7189
Expires: Fri, 18 Nov 2022 01:41:47 GMT
Date: Thu, 17 Nov 2022 23:41:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:41:59 GMT
Last-Modified: Thu, 17 Nov 2022 22:09:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3422
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3a38b6dd8a4cc335c026aebf2ed348b6
8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8
8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Fri, 18 Nov 2022 00:31:31 GMT
Date: Thu, 17 Nov 2022 23:41:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: vI1VBsY3hBEZJZxCWhjbuTO8xkWxwG69QEkFBmj0m5CK3ge/zW9am7uBQVIOkBUTr1msEVFzthk=
x-amz-request-id: 9GFY0Q0DKEEC7FH6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 22:52:39 GMT
age: 2960
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:41:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.comodoca.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
c87a67438c76a2477c10859df75103fc
30202de9d04bfb0f176a44d6a2beda29ca54e345
5039264f5ba06eac3bc85a308497afce983d9ae670b9b89da8377bb77051842c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 05:46:29 GMT
Expires: Tue, 22 Nov 2022 05:46:28 GMT
Etag: "30202de9d04bfb0f176a44d6a2beda29ca54e345"
Cache-Control: max-age=366868,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc51fcc9210b55-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 23:25:01 GMT
cache-control: public,max-age=3600
age: 1018
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5279
Cache-Control: max-age=125575
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:41:59 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 10:34:54 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/webmail-logo.svg

89.40.19.92

200 OK

3.4 kB

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/webmail-logo.svg
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
data
Size
3.4 kB (3390 bytes)
Hash
5cfa6c62434d24f5a292a2cc40d7fe46
a34587f09d4941c0818ea7fadf0971a2508631e5
c478fd43918041d2a68b18e1207f811ce621d80a727c34441beb2ebe08a76ae2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/webmail-logo.svg HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/svg+xml
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-username.png

89.40.19.92

200 OK

320 B

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-username.png
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
320 B (320 bytes)
Hash
07ff84f8c855e5fe9d510ff5c9a4b1e4
11c262053e2b9be57d1dba7cb3d916ef041a0e50
05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-username.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 320
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-password.png

89.40.19.92

200 OK

450 B

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-password.png
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
450 B (450 bytes)
Hash
7ac1cefcb7eab93c6d6981ecde6c1635
1523f8cb80ab19108549d0b7db31a58b71c05d39
a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-password.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 450
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css

89.40.19.92

200 OK

54 kB

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
data
Size
54 kB (53605 bytes)
Hash
a4172dee8cc02ef6ba6c3af267f7c755
8e90fa3fdc40d4e022835580b116f6c4184c64ee
7802663271289f275d6a56cd1270bf8a751ef34b77507adf672e25377c669e5c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: text/css
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Wed, 08 Sep 2021 01:49:37 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff

89.40.19.92

200 OK

23 kB

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
Web Open Font Format, TrueType, length 22908, version 1.0\012- data
Size
23 kB (22908 bytes)
Hash
697574b47bcfdd2c45e3e63c7380dd67
4590722b795938e0b6ff1b99701d1abe37aeabef
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: application/font-woff
content-length: 22908
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff

89.40.19.92

200 OK

22 kB

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
Web Open Font Format, TrueType, length 22432, version 1.0\012- data
Size
22 kB (22432 bytes)
Hash
2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: application/font-woff
content-length: 22432
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-success.png

89.40.19.92

200 OK

962 B

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-success.png
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
962 B (962 bytes)
Hash
0a0ec2a6468d4d1aa3fc2baa70271ac8
a31fb01790aca8dc1976450e4234cb6ccc328956
cafbe3036533fe094931f5745f8cb9962a34409522e93d63ac8427acb9a02c79

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-success.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 962
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-info.png

89.40.19.92

200 OK

976 B

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-info.png
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
976 B (976 bytes)
Hash
14146cf832470d9beca95a708a1d6f8d
d4b506f92876baea69409f3a78c4718757a53b33
95f8a142dd96c310afeb75329ef504f162ab3102a81fc07f20b268361990f526

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-info.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 976
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/warning.png

89.40.19.92

200 OK

1.1 kB

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/warning.png
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type
PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1060 bytes)
Hash
a64b8c7407bf94cc4448cb210bb882e7
a526cf52b2c5b6c2d0409b886de4aa968000fcd8
7ecb82019606d891c5197d2f8ba24ec323d9b10a089facc82d089ff1ec3d399b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/warning.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 1060
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.219.22

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.219.22:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7JbaUw9ib6BqbbK3PPqqxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ED8+oPqQDZzpJ4qYiPjqOVoVAYc=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4310 bytes)
Hash
292dc2edef978e128f70b96ee4b2b3e2
1530f860e2b54b7b382f59654db63eaed59c5f95
f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0biXrpW2TGcLKgAOqLdsgFkZ5lKewM0VFGeNTTrmHX7QEcuNzuwnvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:32 GMT
age: 5249
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8155 bytes)
Hash
676b1603008690786aa36dc3113b7581
cbdc425467a5d41aba5e8e5c54354b4f03cd194a
7e5e7bf695ff31df6c97e502a44f4fa9197c6579b0c7a7c590457ea067d1cf1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8155
x-amzn-requestid: 5650af50-eb93-47d9-8322-8a2e263e12ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vFU5IAMFYGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-759bbd5b5a22e07c1c181c0a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VikBDm5_Bqbs0gLFkhbT6H3i6t57bnC0Xq-gkiJBILQ8Ynw_7RqWNA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:43 GMT
etag: "cbdc425467a5d41aba5e8e5c54354b4f03cd194a"
content-type: image/jpeg
age: 6378
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8884 bytes)
Hash
14649d486602810c1b218b96b27b2cc4
96c6cbfe31e7247c64dfa8c3759967627f8c6286
80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:53 GMT
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
age: 6368
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 02:49:36 GMT
age: 75145
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12065 bytes)
Hash
05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 6394
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7631 bytes)
Hash
b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 6561
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/

89.40.19.92

200 OK

0 B

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: text/html; charset="utf-8"
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, private, max-age=300, no-cache, no-store, must-revalidate, private, public, max-age=300
set-cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; HttpOnly; path=/; port=443; secure
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_sessauth=expired; HttpOnly; domain=webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=443; secure
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
imp_key=expired; HttpOnly; domain=webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
horde_secret_key=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
roundcube_cookies=enabled; HttpOnly; expires=Fri, 17-Nov-2023 23:42:00 GMT; path=/; port=443; secure
expires: Thu, 17 Nov 2022 23:47:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2

webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css

89.40.19.92

200 OK

0 B

URL HTTP/2
webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
IP
89.40.19.92:0
ASN
#5606 GTS Telecom SRL

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: text/css
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type