Report - casamuralla.com/

Report Overview

Visited public
2023-11-28 11:31:53
Tags
URL
casamuralla.com/
Finishing URL
casamuralla.com/
IP / ASN
45.15.156.191
#39493 CJSC Kolomna-Sviaz TV
Title
Book Top Dubai Attraction Tickets & Tours 2023

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
use.typekit.net	494	2010-08-02	2012-07-05 03:42:39	2023-11-28 05:10:24	3.1 kB	355 kB	23.36.76.122
casamuralla.com	unknown	unknown	No data	No data	9.9 kB	1.6 MB	45.15.156.191
cdn-imgix.headout.com	775172	1996-11-04	2018-09-19 08:51:56	2023-11-18 16:03:59	2.9 kB	349 kB	143.204.55.18

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed
2023-11-28	medium	casamuralla.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	casamuralla.com/assets/js/jquery.js	ScriptElement	90 kB	2023-03-10	2025-05-09
Pretty URL casamuralla.com/assets/js/jquery.js IP 45.15.156.191 ASN #39493 CJSC Kolomna-Sviaz TV Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 04:24 Last Seen2025-05-09 02:40 Times Seen9205 Hash cf2fbbf84281d9ecbffb4993203d543b 832a6a4e86daf38b1975d705c5de5d9e5f5844bc a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575 Loading...

	casamuralla.com/assets/js/script.js	ScriptElement	5.6 kB	2023-11-28	2024-10-17
Pretty URL casamuralla.com/assets/js/script.js IP 45.15.156.191 ASN #39493 CJSC Kolomna-Sviaz TV Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 12:31 Last Seen2024-10-17 18:23 Times Seen7 Hash 8ee7777b1d9d839ac2255340500a4976 21d7c200b254cb56b98c48caacf5a9fa909ff912 c3e5eb33322df017f11d38b39b5323012ea0179c8976bd020718af845dc4058c Loading...

HTTP Transactions (29)

URL IP Response Size

use.typekit.net/af/165087/00000000000000007735adc0/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3

23.36.76.122

200 OK

79 kB

URL GET HTTP/2
use.typekit.net/af/165087/00000000000000007735adc0/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://casamuralla.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 78732, version 1.0\012- data
Size
79 kB (78732 bytes)
Hash
11badf1281b26a8b3897c582c2f2a415
1bbc66f3ca8b797278c22c3c9f391f7999f4b774
b8f4176bf1053d8a2ac130fa22b88ccde2727463f18154fe3b0f7533198c5c1e

HTTP Headers

GET /af/165087/00000000000000007735adc0/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casamuralla.com/
Origin: https://casamuralla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 78732
etag: "611065317ea5f987454d82c7218539cb72619020"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 28 Nov 2023 11:31:34 GMT
X-Firefox-Spdy: h2

casamuralla.com/assets/img/Dubai-tickets-black.svg

45.15.156.191

200 OK

20 kB

URL GET HTTP/2
casamuralla.com/assets/img/Dubai-tickets-black.svg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5055)
Size
20 kB (20256 bytes)
Hash
67efe31aac3d7a9c3ff55485489c99cf
ca8af82faa8133aae83acf9df1f747bbf5de19c7
53ab9cb44cd6309d25b82b1fcfcb0d7b7b1008cdca5fd202d5b57bd046248abe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/Dubai-tickets-black.svg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/svg+xml
content-length: 20256
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-4f20"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

use.typekit.net/af/e40556/00000000000000007735adbc/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n3&v=3

23.36.76.122

200 OK

72 kB

URL GET HTTP/2
use.typekit.net/af/e40556/00000000000000007735adbc/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n3&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://casamuralla.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 71772, version 1.0\012- data
Size
72 kB (71772 bytes)
Hash
b4f5d7d0eae681d83a57c3c546989f52
e2f79b301cf189abf5386eaba63f81a789519d96
486db7dc3d7c1f112c3c9c2603b69a1897ed5b8f73ab25f843cc95f56f5b6c48

HTTP Headers

GET /af/e40556/00000000000000007735adbc/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casamuralla.com/
Origin: https://casamuralla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 71772
etag: "d427ab59be58674fcb3a4ea40279ac2ae1df466c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 28 Nov 2023 11:31:34 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/06aac1/00000000000000007735adbe/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i3&v=3

23.36.76.122

200 OK

68 kB

URL GET HTTP/2
use.typekit.net/af/06aac1/00000000000000007735adbe/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i3&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://casamuralla.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 68216, version 1.0\012- data
Size
68 kB (68216 bytes)
Hash
e1b478014e90ccc1eff6c5015bc008c9
8443faa93f0c5db11e5c60c22a2dfaf955952595
b03c8fecee971b8eed2df1db8fc5d68d4f91a3a577387da3796038c08d0291e6

HTTP Headers

GET /af/06aac1/00000000000000007735adbe/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=i3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casamuralla.com/
Origin: https://casamuralla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 68216
etag: "9fec209a945aee463ba3119eb5a817c859f68ebc"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 28 Nov 2023 11:31:34 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/a7393c/00000000000000007735adc2/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3

23.36.76.122

200 OK

63 kB

URL GET HTTP/2
use.typekit.net/af/a7393c/00000000000000007735adc2/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://casamuralla.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 62864, version 1.0\012- data
Size
63 kB (62864 bytes)
Hash
c5557c55c1cba7ddd95fe57856c020d8
b0f8f0ccca3df7488b578182132d9710520c4a65
0c91e58e9a893c7fb5ba250a82abb62a950e2ede60cae67ba67b98e0a9cb50bb

HTTP Headers

GET /af/a7393c/00000000000000007735adc2/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casamuralla.com/
Origin: https://casamuralla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 62864
etag: "71dc5125f2038854dc9da29c31f05cf45926f3e6"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 28 Nov 2023 11:31:34 GMT
X-Firefox-Spdy: h2

use.typekit.net/af/7c9acc/00000000000000007735adc8/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3

23.36.76.122

200 OK

71 kB

URL GET HTTP/2
use.typekit.net/af/7c9acc/00000000000000007735adc8/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3
IP
23.36.76.122:443
ASN
#20940 Akamai International B.V.

Requested by
https://casamuralla.com/
Certificate
IssuerDigiCert Inc
Subjectuse.typekit.net
Fingerprint42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
ValidityThu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), CFF, length 71388, version 1.0\012- data
Size
71 kB (71388 bytes)
Hash
f0a0986a54a9cfc0e566d7ae240e8bc6
eab3a57ca27036f966fc2ebdd7e852edd6d1f851
480d7fe06bb60ee659e83650eb2719bb948cba6164de248eb908a73ad01c9e36

HTTP Headers

GET /af/7c9acc/00000000000000007735adc8/30/l?primer=f592e0a4b9356877842506ce344308576437e4f677d7c9b78ca2162e6cad991a&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casamuralla.com/
Origin: https://casamuralla.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 71388
etag: "690d98d158a1f52a534ebfc1f63bc9bf9f578cb0"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 28 Nov 2023 11:31:34 GMT
X-Firefox-Spdy: h2

cdn-imgix.headout.com/tour/6683/TOUR-IMAGE/8bdde775-1ed8-4a94-993f-7e0541ab4e40-4238-dubai-legoland-waterpark-02.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces

143.204.55.18

200 OK

77 kB

URL GET HTTP/2
cdn-imgix.headout.com/tour/6683/TOUR-IMAGE/8bdde775-1ed8-4a94-993f-7e0541ab4e40-4238-dubai-legoland-waterpark-02.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces
IP
143.204.55.18:443
ASN
#16509 AMAZON-02

Requested by
https://casamuralla.com/
Certificate
IssuerAmazon
Subject*.headout.com
Fingerprint63:C7:70:E7:A2:5C:48:39:61:8B:4A:74:B8:28:24:EF:19:A9:78:85
ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT

File type
ISO Media, AVIF Image\012- data
Size
77 kB (77247 bytes)
Hash
b81dd26e7d283785ffaa06fc3a006a21
d67ff9d966a4ff75c35b8b791f7a227ccfb4ea36
ec55c03bcb38991f7f46eada8e265ec01d719a5a2bdac51ee3cfc30303449464

HTTP Headers

GET /tour/6683/TOUR-IMAGE/8bdde775-1ed8-4a94-993f-7e0541ab4e40-4238-dubai-legoland-waterpark-02.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces HTTP/1.1
Host: cdn-imgix.headout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/avif
content-length: 77247
last-modified: Sat, 04 Nov 2023 22:06:07 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: a9abdbae701e3986e6481f10e20faf2f2ba76f7e
x-imgix-render-farm: 01.140328
date: Tue, 28 Nov 2023 11:31:34 GMT
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10047-SJC, cache-fra-eddf8230054-FRA
vary: Accept
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AJEFvJHs8p0_rJRffAWVjQWJp8kFhfmLWtTysv19j1af9ScRzY7PMA==
age: 2035526
X-Firefox-Spdy: h2

casamuralla.com/

45.15.156.191

200 OK

84 kB

URL User Request GET HTTP/2
casamuralla.com/
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
gzip compressed data, from Unix\012- data
Size
84 kB (84430 bytes)
Hash
6845b970c1d67fd2ffb7854be2ee6ddf
65fda01a856013e0d89df977e7d2492d47063ecc
4feb81cc40e9c7d973e67310ae543ba028786c72cbb5f9d3fe82d808e5501495

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-imgix.headout.com/tour/19364/TOUR-IMAGE/a0f87f7e-434d-4c3c-9584-f7ee351d5f64-10432-dubai-img-worlds-of-adventure---uae-resident-offer-01.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces

143.204.55.18

200 OK

86 kB

URL GET HTTP/2
cdn-imgix.headout.com/tour/19364/TOUR-IMAGE/a0f87f7e-434d-4c3c-9584-f7ee351d5f64-10432-dubai-img-worlds-of-adventure---uae-resident-offer-01.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces
IP
143.204.55.18:443
ASN
#16509 AMAZON-02

Requested by
https://casamuralla.com/
Certificate
IssuerAmazon
Subject*.headout.com
Fingerprint63:C7:70:E7:A2:5C:48:39:61:8B:4A:74:B8:28:24:EF:19:A9:78:85
ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT

File type
ISO Media, AVIF Image\012- data
Size
86 kB (86221 bytes)
Hash
68946ee2e54c14ebdfb83e02f5111981
10d0b578a603cbd2ae6751a7c1f244dd61b64544
1779dcf9539d2fb96037aa17ee21fbd6677c6a2fab8ec1841a52ecc833480fa7

HTTP Headers

GET /tour/19364/TOUR-IMAGE/a0f87f7e-434d-4c3c-9584-f7ee351d5f64-10432-dubai-img-worlds-of-adventure---uae-resident-offer-01.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces HTTP/1.1
Host: cdn-imgix.headout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/avif
content-length: 86221
last-modified: Tue, 07 Nov 2023 16:24:05 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: d1fabc7337d1ecb51674588fa2a2326bb45bb260
x-imgix-render-farm: 01.140328
date: Tue, 28 Nov 2023 11:31:34 GMT
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10053-SJC, cache-fra-etou8220059-FRA
vary: Accept
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 06Lgnb59a4dYdLC5mrKN811m6v21Bd_ynNh5astutI3BuHJ8EcDeiA==
age: 1796849
X-Firefox-Spdy: h2

casamuralla.com/assets/img/dubai-topgolf.jpg

45.15.156.191

200 OK

59 kB

URL GET HTTP/2
casamuralla.com/assets/img/dubai-topgolf.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 577x360, components 3\012- data
Size
59 kB (58826 bytes)
Hash
3e57cbf541b346f026cf48524b80a99f
b20b9ebb8227a374e3065635184ea935d8290480
5efbefcb772b847e4ca774fab523b5aa7bdbc5f8dac2730a59e77830efef4816

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/dubai-topgolf.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 58826
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-e5ca"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/dubai-frame.jpg

45.15.156.191

200 OK

53 kB

URL GET HTTP/2
casamuralla.com/assets/img/dubai-frame.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 358x356, components 3\012- data
Size
53 kB (53316 bytes)
Hash
4490acdeddf0e0016507fe59cf424534
ba3aa63bfcc5ecd7cfbc3cba844048914898046b
c00b98fc33e33f3bf2cbb966cc26761c6cd4f81272c9bf19e6705036ec2552dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/dubai-frame.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 53316
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-d044"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/Visit-Ain-Dubai-Bluewaters-Island.jpg

45.15.156.191

200 OK

74 kB

URL GET HTTP/2
casamuralla.com/assets/img/Visit-Ain-Dubai-Bluewaters-Island.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 576x360, components 3\012- data
Size
74 kB (74315 bytes)
Hash
1eb39fb54ed8831d0662b1ccb35da01c
918d48d4e92b433901c63b1803fa675a2c2b1af8
ab26297c9ab26ff50c9ce4ed59ef4c6a9cc9fd9816c519e5c032668bc8853e97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/Visit-Ain-Dubai-Bluewaters-Island.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 74315
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-1224b"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/dubai-the-palm-tower.jpg

45.15.156.191

200 OK

86 kB

URL GET HTTP/2
casamuralla.com/assets/img/dubai-the-palm-tower.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 577x360, components 3\012- data
Size
86 kB (85450 bytes)
Hash
825353fe9c29799cfe35225359cb2b6b
3889fc9816208e29b9e16370ed8faa5b6a1603f3
2eec6fc9c7d5b4a0b7af02a121165c946bf0f9ffc53516fc235b0e0fce9c2c36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/dubai-the-palm-tower.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 85450
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-14dca"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/dubai-infinity-des-lumi-res-by-infinityart.jpg

45.15.156.191

200 OK

93 kB

URL GET HTTP/2
casamuralla.com/assets/img/dubai-infinity-des-lumi-res-by-infinityart.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 577x360, components 3\012- data
Size
93 kB (93308 bytes)
Hash
c4bf231e75bd95b5ed6b42c9ed9da606
a8be8ffeeee9153db1220a017bdacaccc6f17e5d
67d900dd60f9cd78f6eedd1d8373d4a03bf8c5b9c0d899e9673799b93ebdea10

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/dubai-infinity-des-lumi-res-by-infinityart.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 93308
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-16c7c"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/The+Arch.jpg

45.15.156.191

200 OK

70 kB

URL GET HTTP/2
casamuralla.com/assets/img/The+Arch.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Size
70 kB (70097 bytes)
Hash
7373fd8c823f12bbe9746b96c4b03d9f
aae649be804a69d78b5cb63cb38d6ec2fe89d849
01aa89e4338a1bb9d60e91806557693e248366447345961d05223f59cd92b908

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/The+Arch.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 70097
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-111d1"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/dubai-xline.jpg

45.15.156.191

200 OK

76 kB

URL GET HTTP/2
casamuralla.com/assets/img/dubai-xline.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 577x360, components 3\012- data
Size
76 kB (75992 bytes)
Hash
968adc9a3b11b60dde715aea9dd01bff
cd82991f31ac9544171469717ee09d9e1b2d095c
3cbc3949ed8ac5d7af396da306e1b850a245431fbb420492807ed0a552613fc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/dubai-xline.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 75992
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-128d8"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/desert+safari.jpg

45.15.156.191

200 OK

108 kB

URL GET HTTP/2
casamuralla.com/assets/img/desert+safari.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 814x458, components 3\012- data
Size
108 kB (107874 bytes)
Hash
f8860e8e05a2df4c28e82d305059a0d8
b33588b262ab7afa8bd3a9e15a2599571d34e963
4d9253f0cd65549f3a45d067daa2f6461a5fd00930dedf4bbbe056e020d1b62f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/desert+safari.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 107874
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-1a562"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/diving-dubai.jpg

45.15.156.191

200 OK

200 kB

URL GET HTTP/2
casamuralla.com/assets/img/diving-dubai.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x750, components 3\012- data
Size
200 kB (200195 bytes)
Hash
558901714f4a0f31d1793a6d1a31baf9
d34638583a1bb893fe627539cf5ee7d197b0fa99
fe491f02816a5f343bb33d084ace59e64a9e574464073c0220c71ba232f2ff13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/diving-dubai.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 200195
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-30e03"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/Dubai+Miracle+Garden.jpg

45.15.156.191

200 OK

162 kB

URL GET HTTP/2
casamuralla.com/assets/img/Dubai+Miracle+Garden.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 572x354, components 3\012- data
Size
162 kB (161800 bytes)
Hash
b66b1caf0f79d29805f03793ceadf7fb
0e15d308b88befb114bb6726090991f9e673659c
b322422dff22cddd8b2062161c80d7fd32ca212fa4483aecf99b357012c4c1c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/Dubai+Miracle+Garden.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: image/jpeg
content-length: 161800
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-27808"
expires: Thu, 28 Dec 2023 11:31:34 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn-imgix.headout.com/microbrands-content-image/image/ce2192861f33bab2076623406623c5cf-%20Aquopolis%20Costa%20Droda.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces

143.204.55.18

200 OK

28 kB

URL GET HTTP/2
cdn-imgix.headout.com/microbrands-content-image/image/ce2192861f33bab2076623406623c5cf-%20Aquopolis%20Costa%20Droda.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces
IP
143.204.55.18:443
ASN
#16509 AMAZON-02

Requested by
https://casamuralla.com/
Certificate
IssuerAmazon
Subject*.headout.com
Fingerprint63:C7:70:E7:A2:5C:48:39:61:8B:4A:74:B8:28:24:EF:19:A9:78:85
ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT

File type
ISO Media, AVIF Image\012- data
Size
28 kB (27760 bytes)
Hash
ab3f9468e695ab5a83387603a6a0fe11
49569210825192f46cda9b14343faf5ddb3fe0a1
3706e95faa8878c13f3d85393dad3a039902686e7c2e649f18bb6780b5f39fdb

HTTP Headers

GET /microbrands-content-image/image/ce2192861f33bab2076623406623c5cf-%20Aquopolis%20Costa%20Droda.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces HTTP/1.1
Host: cdn-imgix.headout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/avif
content-length: 27760
last-modified: Mon, 13 Nov 2023 03:01:22 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: f9b1cf8c86072bfe653d52ae33ce1cc24b66c6b5
x-imgix-render-farm: 01.140328
date: Tue, 28 Nov 2023 11:31:34 GMT
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc1000097-SJC, cache-fra-eddf8230134-FRA
vary: Accept
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p7Q70xS1PgZjN8HwGt_13KtuUcBdcEYOrjthhOXgyVJ1u7jBS-6OOQ==
age: 1326612
X-Firefox-Spdy: h2

cdn-imgix.headout.com/tour/6680/TOUR-IMAGE/9ca450d1-a7ba-4363-b8d5-651fd7b08c08-4235-dubai-legoland-dubai-03.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces

143.204.55.18

200 OK

84 kB

URL GET HTTP/2
cdn-imgix.headout.com/tour/6680/TOUR-IMAGE/9ca450d1-a7ba-4363-b8d5-651fd7b08c08-4235-dubai-legoland-dubai-03.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces
IP
143.204.55.18:443
ASN
#16509 AMAZON-02

Requested by
https://casamuralla.com/
Certificate
IssuerAmazon
Subject*.headout.com
Fingerprint63:C7:70:E7:A2:5C:48:39:61:8B:4A:74:B8:28:24:EF:19:A9:78:85
ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT

File type
ISO Media, AVIF Image\012- data
Size
84 kB (83979 bytes)
Hash
036bedff489fef5736b338b2ab407f66
6dfef32a7b3d9bd4d5b8eb105c50f652b1122488
d05fcd1ec2ac5ab9e0937b44cdbe6d227cae4421e98a5033249239f34997e7f7

HTTP Headers

GET /tour/6680/TOUR-IMAGE/9ca450d1-a7ba-4363-b8d5-651fd7b08c08-4235-dubai-legoland-dubai-03.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces HTTP/1.1
Host: cdn-imgix.headout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/avif
content-length: 83979
last-modified: Tue, 07 Nov 2023 15:42:38 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 1fc3bc36dc022e499a7a3ed0a6a335581a5415a6
x-imgix-render-farm: 01.140328
date: Tue, 28 Nov 2023 11:31:34 GMT
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc1000095-SJC, cache-fra-eddf8230072-FRA
vary: Accept
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9Ynb6nRhxjAOA4z_8kICBxaiGLgYQH6IHbfYOsmPcI7t9_AZ1PBXiQ==
age: 1799337
X-Firefox-Spdy: h2

casamuralla.com/assets/img/banner.webp

45.15.156.191

200 OK

134 kB

URL GET HTTP/2
casamuralla.com/assets/img/banner.webp
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
134 kB (134278 bytes)
Hash
da223acf7de804898236d9b6e7a56e11
035eb76ff1ac3c1f95d8f756fc190c9251c1c77a
41b5c7d7540d9f39b1d5941ced5c4d1ce0488865bf2e125d789a95b95ba53359

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/banner.webp HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/assets/css/main.css
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:35 GMT
content-type: image/webp
content-length: 134278
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-20c86"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/video/header.mp4

45.15.156.191

206 Partial Content

119 kB

URL GET HTTP/2
casamuralla.com/assets/video/header.mp4
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
119 kB (118936 bytes)
Hash
775b980638552eb698dbf534b0c3fd99
c419fff4deebbfd048dc1d02d6bbe58bd04e6273
5fe9a9172bdef490671580e9d6c5d806d9da9b22403e52bfaad37baf57ac79f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/video/header.mp4 HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
server: nginx
date: Tue, 28 Nov 2023 11:31:35 GMT
content-type: video/mp4
content-length: 118936
last-modified: Fri, 10 Nov 2023 13:25:25 GMT
etag: "654e2f45-1d098"
strict-transport-security: max-age=31536000
content-range: bytes 0-118935/118936
X-Firefox-Spdy: h2

casamuralla.com/assets/img/world-dubai-trick-art--selfie--museum-03.jpg

45.15.156.191

200 OK

90 kB

URL GET HTTP/2
casamuralla.com/assets/img/world-dubai-trick-art--selfie--museum-03.jpg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 577x360, components 3\012- data
Size
90 kB (89983 bytes)
Hash
df099339e5df44da84d01cae46392fdf
9cd59a33e937077eb3c62fead02ef5308ed161e9
bea4fbf247f7b1f23b3fb29cd8877a182689792dc9fde64383559d4d7e1e9474

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/world-dubai-trick-art--selfie--museum-03.jpg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:35 GMT
content-type: image/jpeg
content-length: 89983
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-15f7f"
expires: Thu, 28 Dec 2023 11:31:35 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/img/Dubai-tickets-favicon.svg

45.15.156.191

200 OK

4.5 kB

URL GET HTTP/2
casamuralla.com/assets/img/Dubai-tickets-favicon.svg
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (423)
Size
4.5 kB (4497 bytes)
Hash
7c82158f0a343f407ee136f3168f0adf
3a460484547eed2aba1e701f82a93767b1da568e
a7787dc8ce23e2c29306cf2a0f8099e9ce96b5595f75e0a2179070ebe5882f57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/img/Dubai-tickets-favicon.svg HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:35 GMT
content-type: image/svg+xml
content-length: 4497
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
etag: "654e2f44-1191"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

casamuralla.com/assets/js/script.js

45.15.156.191

200 OK

5.6 kB

URL GET HTTP/2
casamuralla.com/assets/js/script.js
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
ASCII text, with very long lines (5853), with no line terminators
Size
5.6 kB (5575 bytes)
Hash
0831519a26429cac5ea13aa36032f3bf
310fd3fa45ed8f95220e45e9e2ec2a5d73fbaf2a
b8bafd61a5fc3ec66a2c39e699b1ca775bc0f0bb741ca6c2dc2df95c302945e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/script.js HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
vary: Accept-Encoding
etag: W/"654e2f44-15c7"
expires: Tue, 28 Nov 2023 23:31:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

cdn-imgix.headout.com/media/images/c665c2ad978c420c1e98c16b7d2d25a3-Museum%20of%20the%20Future.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces

143.204.55.18

200 OK

70 kB

URL GET HTTP/2
cdn-imgix.headout.com/media/images/c665c2ad978c420c1e98c16b7d2d25a3-Museum%20of%20the%20Future.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces
IP
143.204.55.18:443
ASN
#16509 AMAZON-02

Requested by
https://casamuralla.com/
Certificate
IssuerAmazon
Subject*.headout.com
Fingerprint63:C7:70:E7:A2:5C:48:39:61:8B:4A:74:B8:28:24:EF:19:A9:78:85
ValidityWed, 19 Jul 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT

File type
ISO Media, AVIF Image\012- data
Size
70 kB (69907 bytes)
Hash
e761f864103bfc10e071b0a85f21cdeb
9fed9f86c80daf5780080bb3808c87cf191a51b6
90c5511462e05f53b46607881083a7bc2e0f54c8b3beacb4eb120e4dcf694b39

HTTP Headers

GET /media/images/c665c2ad978c420c1e98c16b7d2d25a3-Museum%20of%20the%20Future.jpg?auto=format&w=720&h=360&q=90&ar=16%3A10&crop=faces HTTP/1.1
Host: cdn-imgix.headout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/avif
content-length: 69907
last-modified: Wed, 08 Nov 2023 12:21:48 GMT
cache-control: public, max-age=31536000
server: imgix
x-imgix-id: 630993f034c674820eddf419c3a01f2834bcf4ec
x-imgix-render-farm: 01.140328
date: Tue, 28 Nov 2023 11:31:34 GMT
accept-ranges: bytes
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10036-SJC, cache-fra-etou8220066-FRA
vary: Accept
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5ESkde0f3I7HBykGN4HsAZQ9TYYLUAwgat6VO2HUpyraqwIxy7C-vA==
age: 1724986
X-Firefox-Spdy: h2

casamuralla.com/assets/css/main.css

45.15.156.191

200 OK

89 kB

URL GET HTTP/2
casamuralla.com/assets/css/main.css
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type

Size
89 kB (89158 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/css/main.css HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: text/css
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
vary: Accept-Encoding
etag: W/"654e2f44-15c46"
expires: Tue, 28 Nov 2023 23:31:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

casamuralla.com/assets/js/jquery.js

45.15.156.191

200 OK

90 kB

URL GET HTTP/2
casamuralla.com/assets/js/jquery.js
IP
45.15.156.191:443
ASN
#39493 CJSC Kolomna-Sviaz TV

Requested by
https://casamuralla.com/
Certificate
IssuerLet's Encrypt
Subjectwww.casamuralla.com
Fingerprint3A:1B:47:FF:45:D7:7C:69:98:B6:EF:8D:CF:AB:82:1B:DB:25:F5:A4
ValiditySat, 11 Nov 2023 09:32:13 GMT - Fri, 09 Feb 2024 09:32:12 GMT

File type
ASCII text, with very long lines (65447)
Size
90 kB (89947 bytes)
Hash
cf2fbbf84281d9ecbffb4993203d543b
832a6a4e86daf38b1975d705c5de5d9e5f5844bc
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/js/jquery.js HTTP/1.1
Host: casamuralla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casamuralla.com/
Cookie: PHPSESSID=KO1rPPqHnOFkb%2CkpboJhQDRDyJfOUS5V
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 28 Nov 2023 11:31:34 GMT
content-type: application/javascript
last-modified: Fri, 10 Nov 2023 13:25:24 GMT
vary: Accept-Encoding
etag: W/"654e2f44-15f5b"
expires: Tue, 28 Nov 2023 23:31:34 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (29)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type