Report - sgmediamanagement.com/

Report Overview

Submitted URL
sgmediamanagement.com/
IP
141.8.192.126
ASN
#35278 Sprinthost.ru LLC
Submitted
2024-05-09 19:55:04
Access
public
Website Title
sgmediamanagement.com/
Final URL
sgmediamanagement.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ru.rakko.tools	unknown	2019-02-13	2023-02-15	2023-02-15	931 B	25 kB	52.196.58.180
sgmediamanagement.com	unknown	unknown	No data	No data	925 B	1.2 kB	141.8.192.126

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	sgmediamanagement.com	Sinkholed
2024-05-09	medium	sgmediamanagement.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

sgmediamanagement.com/

141.8.192.126

200 OK

572 B

URL User Request GET HTTP/2
sgmediamanagement.com/
IP
141.8.192.126:443
ASN
#35278 Sprinthost.ru LLC

Certificate
IssuerLet's Encrypt
Subjectsgmediamanagement.com
Fingerprint2D:78:8F:3F:2E:A6:31:DD:FF:D0:14:B6:35:DA:E1:C2:62:40:91:B2
ValidityMon, 29 Apr 2024 13:35:40 GMT - Sun, 28 Jul 2024 13:35:39 GMT

File type
HTML document, ASCII text, with very long lines (572), with no line terminators
Size
572 B (572 bytes)
Hash
878c74e2fb7c8df5bb4cc3277d13c110
faaa7be22713227bc5f4d7367c1a0de916b868cf
f995b4281ebf4c8bd0412be9a83265cfdceb28bd670d395f75f0f98d25f60db0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: sgmediamanagement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Thu, 09 May 2024 19:54:35 GMT
content-type: text/html; charset=UTF-8
content-length: 572
X-Firefox-Spdy: h2

sgmediamanagement.com/favicon.ico

141.8.192.126

404 Not Found

286 B

URL GET HTTP/2
sgmediamanagement.com/favicon.ico
IP
141.8.192.126:443
ASN
#35278 Sprinthost.ru LLC

Requested by
https://sgmediamanagement.com/
Certificate
IssuerLet's Encrypt
Subjectsgmediamanagement.com
Fingerprint2D:78:8F:3F:2E:A6:31:DD:FF:D0:14:B6:35:DA:E1:C2:62:40:91:B2
ValidityMon, 29 Apr 2024 13:35:40 GMT - Sun, 28 Jul 2024 13:35:39 GMT

File type
HTML document, ASCII text
Size
286 B (286 bytes)
Hash
25c8587955567f7c358f08422ae415d0
154f284a719d5064d2a861c053f93f034f336403
12c69cc6c499a502dbf8cf8e0c942cacba4ef4949a387c70e779d886886eab4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: sgmediamanagement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sgmediamanagement.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Thu, 09 May 2024 19:54:35 GMT
content-type: text/html; charset=iso-8859-1
content-length: 286
X-Firefox-Spdy: h2

ru.rakko.tools/tools/129/lib/tinymce/skins/content/default/content.min.css

52.196.58.180

200 OK

6.9 kB

URL GET HTTP/2
ru.rakko.tools/tools/129/lib/tinymce/skins/content/default/content.min.css
IP
52.196.58.180:443
ASN
#16509 AMAZON-02

Requested by
https://sgmediamanagement.com/
Certificate
IssuerLet's Encrypt
Subject*.rakko.tools
Fingerprint2C:9D:98:15:D1:F9:F6:02:C5:55:B3:4B:DF:6F:D8:FD:64:EF:FD:0C
ValidityTue, 30 Apr 2024 14:04:00 GMT - Mon, 29 Jul 2024 14:03:59 GMT

File type
gzip compressed data, from Unix
Size
6.9 kB (6894 bytes)
Hash
e13697d61d2d4794086357e6997984a0
0cb4388edbc2db74b6f290c7dc5bcee1ad59faa4
591a8c518a4c7370d173eff7b187b694980f2ad69ea903142c898b78f16ebbe3

HTTP Headers

GET /tools/129/lib/tinymce/skins/content/default/content.min.css HTTP/1.1
Host: ru.rakko.tools
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sgmediamanagement.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.1
date: Thu, 09 May 2024 19:54:36 GMT
content-type: text/css
last-modified: Thu, 27 Feb 2020 00:31:36 GMT
etag: W/"5e570de8-3c4"
content-encoding: gzip
X-Firefox-Spdy: h2

ru.rakko.tools/tools/129/lib/tinymce/skins/ui/oxide/content.min.css

52.196.58.180

200 OK

18 kB

URL GET HTTP/2
ru.rakko.tools/tools/129/lib/tinymce/skins/ui/oxide/content.min.css
IP
52.196.58.180:443
ASN
#16509 AMAZON-02

Requested by
https://sgmediamanagement.com/
Certificate
IssuerLet's Encrypt
Subject*.rakko.tools
Fingerprint2C:9D:98:15:D1:F9:F6:02:C5:55:B3:4B:DF:6F:D8:FD:64:EF:FD:0C
ValidityTue, 30 Apr 2024 14:04:00 GMT - Mon, 29 Jul 2024 14:03:59 GMT

File type
ASCII text, with very long lines (17632), with CRLF line terminators
Size
18 kB (17890 bytes)
Hash
110b5716d929cbf3d5ca103c3bfc691e
2b1dcc9d4387cafc03789605425215c156b889b2
dd4e0fde98faccd1bb41a320ffc1cccc6446807af97062a9285a2e4fb1623f21

HTTP Headers

GET /tools/129/lib/tinymce/skins/ui/oxide/content.min.css HTTP/1.1
Host: ru.rakko.tools
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sgmediamanagement.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.1
date: Thu, 09 May 2024 19:54:36 GMT
content-type: text/css
last-modified: Thu, 27 Feb 2020 00:31:36 GMT
etag: W/"5e570de8-45e2"
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers