Report - links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c

Report Overview

Visited public
2023-12-01 20:47:52
Tags
Submit Tags
URL
links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
Finishing URL
links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
IP / ASN
35.238.129.105
#15169 GOOGLE
Title
Maropost - Manage Preferences

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
links.crossfitchallenge.net	unknown	2022-12-12	2023-04-27 19:51:23	2023-11-08 05:48:03	1.8 kB	4.3 kB	35.238.129.105
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-01 08:02:13	449 B	1.6 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-01	medium	crossfitchallenge.net	Sinkholed
2023-12-01	medium	crossfitchallenge.net	Sinkholed
2023-12-01	medium	crossfitchallenge.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (4)

URL IP Response Size

GET links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c

35.238.129.105

200 OK

1.1 kB

URL User Request GET HTTP/1.1
links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
IP
35.238.129.105:443
ASN
#15169 GOOGLE

Certificate
IssuerLet's Encrypt
Subjectlinks.crossfitchallenge.net
FingerprintDD:7F:0E:0B:E6:E6:16:E3:D5:33:7D:BA:E2:E7:69:F6:DE:ED:CD:E4
ValidityFri, 27 Oct 2023 08:20:22 GMT - Thu, 25 Jan 2024 08:20:21 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (426)
Size
1.1 kB (1072 bytes)
Hash
3561aed6e66f5a9616a74161e6cf5015
c1fd7bfc47ca1b802ae811160c50c4c23496f5d1
b116ac8a1857ce730b53ebd95f89591f8b5fea2a788f798272ced180e5f7ca95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c HTTP/1.1
Host: links.crossfitchallenge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
transfer-encoding: chunked
status: 200 OK
cache-control: max-age=0, private, must-revalidate
vary: Accept-Encoding, Origin
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 26f97663-2ed6-4b6b-96e3-3730c92c60cf
x-download-options: noopen
etag: W/"b116ac8a1857ce730b53ebd95f89591f"
x-runtime: 0.036310
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 20:47:35 GMT
set-cookie: _session_id=4fd59634c4e2405327860d664b051bb1; path=/; expires=Sat, 02 Dec 2023 08:47:35 GMT; HttpOnly
x-powered-by: Phusion Passenger 5.3.7
server: nginx/1.22.1 + Phusion Passenger(R) 6.0.18
content-encoding: gzip

GET links.crossfitchallenge.net/assets/unsubscribe-6a4e942850f19891e7424f85bb0329a17b4022d03ddb8907945119670e58e461.css

35.238.129.105

200 OK

806 B

URL GET HTTP/1.1
links.crossfitchallenge.net/assets/unsubscribe-6a4e942850f19891e7424f85bb0329a17b4022d03ddb8907945119670e58e461.css
IP
35.238.129.105:443
ASN
#15169 GOOGLE

Requested by
https://links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
Certificate
IssuerLet's Encrypt
Subjectlinks.crossfitchallenge.net
FingerprintDD:7F:0E:0B:E6:E6:16:E3:D5:33:7D:BA:E2:E7:69:F6:DE:ED:CD:E4
ValidityFri, 27 Oct 2023 08:20:22 GMT - Thu, 25 Jan 2024 08:20:21 GMT

File type
ASCII text
Size
806 B (806 bytes)
Hash
16c7f086f9b4eca9b31c1e310cd39e15
d4eafc578b719d751a34fa80f888319a3d4d22e4
6a4e942850f19891e7424f85bb0329a17b4022d03ddb8907945119670e58e461

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/unsubscribe-6a4e942850f19891e7424f85bb0329a17b4022d03ddb8907945119670e58e461.css HTTP/1.1
Host: links.crossfitchallenge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
DNT: 1
Connection: keep-alive
Cookie: _session_id=4fd59634c4e2405327860d664b051bb1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.22.1
date: Fri, 01 Dec 2023 20:47:36 GMT
content-type: text/css
last-modified: Sat, 26 Aug 2023 17:13:42 GMT
transfer-encoding: chunked
vary: Accept-Encoding
expires: Sat, 30 Nov 2024 20:47:36 GMT
cache-control: max-age=31536000, public
content-encoding: gzip

GET fonts.googleapis.com/css?family=Telex

142.250.74.138

200 OK

815 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Telex
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
815 B (815 bytes)
Hash
a25d0a18fafb0cb71590d4d6d7fc5ae8
98411769b0d455fbd94a8ac30999ad10008931d4
4ce4e14e55feb9c703a0238e943c26d5983c003184ecf7055d71ea916ecbcf53

HTTP Headers

GET /css?family=Telex HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://links.crossfitchallenge.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 01 Dec 2023 20:47:36 GMT
date: Fri, 01 Dec 2023 20:47:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET links.crossfitchallenge.net/favicon.ico

35.238.129.105

200 OK

1.2 kB

URL GET HTTP/1.1
links.crossfitchallenge.net/favicon.ico
IP
35.238.129.105:443
ASN
#15169 GOOGLE

Requested by
https://links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
Certificate
IssuerLet's Encrypt
Subjectlinks.crossfitchallenge.net
FingerprintDD:7F:0E:0B:E6:E6:16:E3:D5:33:7D:BA:E2:E7:69:F6:DE:ED:CD:E4
ValidityFri, 27 Oct 2023 08:20:22 GMT - Thu, 25 Jan 2024 08:20:21 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
074290f8f4110325f3b2186bccb8df2f
f5d6ddae314f9b8fd8acdecca14317b5caeb722a
59b13fdf97e1a6e9ac3db3e30f64f0e49084719e6443f756b63716d44afa385c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: links.crossfitchallenge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://links.crossfitchallenge.net/a/1671/edit_profile/1853/1286378/dc3cc3206d85b9c197d1475fac65305493a6764c
DNT: 1
Connection: keep-alive
Cookie: _session_id=4fd59634c4e2405327860d664b051bb1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx/1.22.1
date: Fri, 01 Dec 2023 20:47:36 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sat, 26 Aug 2023 17:19:08 GMT
etag: "64ea340c-47e"
accept-ranges: bytes

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (4)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers